Hi all,
I have an old appliance running R77.30 (yes, it going to be replaced ASAP). 🙂
After Christmas I tried logging in to the SmartDashboard, but got a message about expired certificate.
The gateway is running fine, but I can't access the management.
I tried the suggested solution in sk20905, but it didn't help:
cpca_client revoke_cert -n "CN=cp_mgmt"
cpca_client create_cert -n "CN=cp_mgmt" -f $CPDIR/conf/sic_cert.p12
cpca_client lscert -stat Valid | grep -A 2 "CN=cp_mgmt,"
Subject = CN=cp_mgmt,OU=users,O=CheckPoint..w467zy
Status = Expired Kind = IKE Serial = 11158 DP = 1
Not_Before: Sun Jan 2 21:40:20 2022 Not_After: Sun Dec 26 16:20:31 2021
Subject = CN=cp_mgmt,O=CheckPoint..w467zy
Status = Expired Kind = SIC Serial = 46732 DP = 0
Not_Before: Wed Jan 5 13:24:02 2022 Not_After: Sun Dec 26 16:20:31 2021
"Not_Before" looks fine, but "Not_After" still shows 2021.
I guess the creation of new certificates is relying on something else that has the old date?
I will be happy for any suggestions.
I am aware of the issue with Unix epoch.
I am running Take 351, but it doesn't fix the certificate that is already expired.
https://community.checkpoint.com/t5/Management/Cannot-Connect-with-SmartConsole-to-R77-30-or-Earlier...
Best regards
Jan