Announcing General Availability
for Harmony Connect Windows App
CheckMates Go:
Schrödinger’s Patch
End of Support Policy Update
For R80.10 Release
Kaspars_Zibarts
Ok, this should have been rather easy and obvious. Internal CA for CMA has expired and I want to renew it. Gateways - easy peasy. But with management / CMA i struggle to find a single reference in User Centre / SKs. Anyone?
Hope this helps Invoking the ICA Management Tool
Connect to Internal CA Management Tool with a web browser.
Also this Expired certificates cannot be deleted from the Management Database
Kaspars_Zibarts
I did just that before but there are no tools to "renew" certs per say. Does that mean that deleting Expired certs will automatically recreate valid one?
Kaspars_Zibarts
False alarm, looked at the wrong cert! It was not CMA ICA cert! Sorry
Bad suggestion.
"Use the ICA management tool for user certificate operations only, such as certificate creation. Do not use the ICA management tool to change SIC certificates or VPN certificates. Change SIC and VPN certificates in SmartConsole."
you can use the command cp_conf ca, becarfull in production, you have to restablish sic to every firewall managed by this CMA.
cp_conf ca :Description Initialize the Certificate Authority Syntax
> cp_conf ca init
> cp_conf ca fqdn Parameter Description init Initializes the internal CA fqdn Sets the FQDN of the internal CA to >cp_conf finger Description Displays the fingerprint which will be used on first-time launch to verify the identity of the Security Management server being accessed by the SmartConsole. This fingerprint is a text string derived from the Security Management server's certificate Syntax
> cp_conf finger get
Thanks
About CheckMates
Learn Check Point
Advanced Learning
WELCOME TO THE FUTURE OF CYBER SECURITY