Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Ryan_St__Germai
Collaborator

Migration to SHA256 for internal CA

Hey Guys. Just need a sanity check. Running R77.30 and our VPN Certificate is showing as using SHA1. I am looking at the SHA-1 and SHA-256 certificates in Check Point Internal CA (ICA) article.

It mentions Resetting SIC. Am I correct in assuming this is only if we wanted to re-generate the SIC certificate using SHA256? If we just simply wanted to re-generate the cert used for VPN this is not needed? So for instance all I would need to do is the following if I just wanted a SHA256 cert for VPN:

1. Run  cpca_client set_sign_hash sha256 on the mgmt box

2. Re-generate VPN certificate under each gateway

3. Install policy

Thanks!

 

0 Kudos
2 Replies
This widget could not be displayed.