My name is Liel Shaish, I’m the RnD owner of the Check Point Internal Certificate Authority.
The reason for this change was to align our products with a top industry standard for certificate authority, and provide our security recommendation for certificate validity period. Shorter validity period will mitigate security risks when a private key is compromised.
The change was documented in sk176527 and was integrated into R81.10 version and into Jumbo Hotfix Accumulators for R80.20, R80.30, R80.40, and R81 versions. Of course, we always seek to improve our communication channels with customers.
We will learn from this feedback and document it in a better and clearer way. Although these are the recommended setting (1 year default and up to 3 years), we will provide an option to extend it beyond that according to customer’s decision.
Thank you for sharing this important feedback,