Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
genisis__
Advisor

Checkpoint updates through third-party proxy that does SSL inspection

Hi,

I'm attempting to get Checkpoint updates working through a Proxy (Fortigate) which does SSL inspection.  At present the updates are not working and I believe this is because of the certificate being presented back to SMS is the Fortigate one (Man-In-Middle).

I believe when Checkpoint Updates are flowing through a SSL inspection device the updates fail so there must be a logical solution to this.  I'm suspecting add a cert to the ca-bundle.crt file may be required, but that is a guess and clearly may not be a supported method.

I could add a bypass on the Fortigate but our policy required SSL inspection to be done.

I've raised a TAC case as well.

0 Kudos
2 Replies
This widget could not be displayed.