This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
emreturkmenler
Contributor
‎2021-01-14 09:20 AM

Can't delete expired or revoked certs from ICA Mgmt Tool ICA_CRL0.crl files being too big (sk135492)

Hi,

I'm having this issue as I cannot delete the expired and revoked certificates on the management server and their number has reached to almost 7000.

We are having the issues explained in the SK

https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solut...

Symptoms

  • Policy installation fails with: "Installation failed. Reason: Authentication error [ SIC error no. 147]" error.

  • The policy installation might fail on any number of Security Gateways.

  • "Smart Dashboard component failed to connect to server . please contact technical support" error while opening any object.

  • Statuses for all existing Security Gateways appear with a red "X"

Cause

The $FWDIR/conf/crls/ICA_CRL0.crl CRL File on the Security Management Server is too large.

 

We did what was provided as a solution by revoking and creating the SIC certificate but it was no use.

As asked the file on the top is huge including thousands of certs.

# ls -la $FWDIR/conf/crls/
total 14500
drwxr-x--- 2 admin bin 327 Jan 14 11:26 .
drwxrwx--- 73  admin root 98304 Jan 14 11:58 ..
-rw-r----- 1 admin config 134178 Jan 14 10:16 ICA_CRL0.crl
-rw-r----- 1 admin config 525 Jan 14 10:16 ICA_CRL1.crl
-rw-r----- 1 admin root 525 Jan 14 10:16 ICA_CRL2.crl
-rw-r----- 1 admin root 525 Jan 14 10:16 ICA_CRL3.crl
-rw-rw---- 1 admin root 591 Jan 14 11:26 ICA_CRL4.crl
-rw-rw---- 1 admin root 2458 Jan 14 11:26 ICA_CRL5.crl

 

As you can see from the uploaded image I cannot delete them because the box next to the items don't show up, few of them do show but deleting doesn't happen on them either.

And to note , I was able to delete the items on the ICA_CRL1.crl file because there were 30 at most , but ICA_CRL0.crl doesn't allow me to which is the main file having the cert items.

I am running R80.30 Take 226.

Anyone had similar issues?

 

Thank you

 

Preview file
269 KB
0 Kudos
2 Replies
PhoneBoy
Admin
Admin
‎2021-01-14 09:50 PM

Given the nature of this issue, I recommend involving the TAC.
Worst case, you might have to completely reset SIC which is…painful. 

0 Kudos
emreturkmenler
Contributor
‎2021-01-15 07:42 AM
In response to PhoneBoy

Thank You PhoneBoy , it seems to be painful as we are working on the case with Support.

Wanted to ask if there are any others which have had similar issues.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events