Hey Guys. Just need a sanity check. Running R77.30 and our VPN Certificate is showing as using SHA1. I am looking at the SHA-1 and SHA-256 certificates in Check Point Internal CA (ICA) article.
It mentions Resetting SIC. Am I correct in assuming this is only if we wanted to re-generate the SIC certificate using SHA256? If we just simply wanted to re-generate the cert used for VPN this is not needed? So for instance all I would need to do is the following if I just wanted a SHA256 cert for VPN:
1. Run cpca_client set_sign_hash sha256 on the mgmt box
2. Re-generate VPN certificate under each gateway
3. Install policy
Thanks!