This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Benjamin_Huss
Participant
‎2018-10-25 01:44 AM

Database Revision - SSL-Inspection Certificate backed up?

Hi there,

I have a question regarding database revision control.

Is there anything else being backed up besides firewall policies when creating a new database version?

A customer needs to install a new certificate for ssl-inspection but does not have a backup of the old certificate (.p12).

Or is there maybe another way to extract the current certificate with the private-key and possible intermediate certificates?

Benjamin

2 Replies
PhoneBoy
Admin
Admin
‎2018-10-25 01:49 PM

I presume the certificate would be part of a database revision, but you're also talking about extracting the certificate.

Which certificate?

  • Outbound inspection: It's a single CA
  • Inbound inspection: A single certificate per server

Either way, I don't believe we provide a mechanism to extract the private key.

0 Kudos
Dor_Marcovitch
Advisor
‎2018-10-25 05:11 PM

Take a backup, neitherway i dont ubderstand the need of backing up the old outbound certificate.

There is no way to export a certificate's private key with checkpoint products.

Just issue a new ca certificate for the ssl inspection and spread it to the organisation.

If the customer already has some ca authority in use within his network you can issue a certificate from the "subordonate certificate authority" template it will be more best practice and you wont need to speard the certificate in orser to use it.

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events