This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
BG
Participant
yesterday

Multi-Portal certificates does not renew

Hi all,

Mobile Access and IPSec VPN blades are enabled on firewall (R81.20 JT89). A couple of days ago certificate was expiring so we used "SmartConsole -> IPSec VPN -> Repository of Certificates Available to Gateway" section to renew certificate. From there it seems that certificate is renewed but if we access to mobile access portal page or usercheck page, these portals are still using old certificate. Also Identity Collector agents can not connect to gateway because of expired certificate. We also tried to use script provided in the https://support.checkpoint.com/results/sk/sk182070 but still old certificate is in use.

Is this a TAC case or am I missing something?

0 Kudos
7 Replies
G_W_Albrecht
Legend Legend
Legend
yesterday

After the script from sk182070 was used to renew, what does ./gateway_cert_util.sh -show all show ? You did perform a policy install after renewal ?

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
0 Kudos
BG
Participant
yesterday
In response to G_W_Albrecht

Hi,

Command output is below. After renewing certificate with the script we have installed the policy. Screenshot 2025-01-07 142407.png

0 Kudos
G_W_Albrecht
Legend Legend
Legend
yesterday
In response to BG

Better contact TAC (after rebooting all to be sure)...

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
0 Kudos
BG
Participant
yesterday
In response to G_W_Albrecht

A reboot solved the problem. Thanks.

0 Kudos
PhoneBoy
Admin
Admin
yesterday
In response to BG

Believe this is a known issue currently that will be fixed in a future JHF.
I believe it is vpnd that needs to be restarted here (though a cprestart or reboot will also solve it).

0 Kudos
Lesley
Mentor Mentor
Mentor
yesterday

There are 2 certificates, one that is used for MAB and other one for IPSec VPN. Did you renew both?

Gateway -> Mobile access -> portal settings

-------
If you like this post please give a thumbs up(kudo)! 🙂
0 Kudos
Lesley
Mentor Mentor
Mentor
yesterday
In response to Lesley

Extra tip

https://support.checkpoint.com/results/sk/sk177903

-------
If you like this post please give a thumbs up(kudo)! 🙂
0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events