Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Andreas_Aust
Collaborator

PMTR-23492, PRJ-2847 Added support for Internal CA certificate replacement.

Can anybody shed some light on "PMTR-23492, PRJ-2847 Added support for Internal CA certificate replacement." as stated in the sk153152.

0 Kudos
6 Replies
G_W_Albrecht
Legend
Legend

What is your issue with Internal CA certificate ? Looks like you want to know if the Jumbo Take helps with your problem, don't you ?

0 Kudos
Andreas_Aust
Collaborator

Nothing special. I just want to know what that means.

0 Kudos
Timothy_Hall
Champion
Champion

I'm assuming this is the ability to use an external CA for SIC operations between Check Point components such as Security Management Servers and Security Gateways.  This may be in response to audit findings showing that SIC is using internally-generated self-signed certs instead of those from a more trusted enterprise PKI.

 

"Max Capture: Know Your Packets" Video Series
now available at http://www.maxpowerfirewalls.com
0 Kudos
Andreas_Aust
Collaborator

Assuming is not enough, "scientia est potentia"

0 Kudos
G_W_Albrecht
Legend
Legend

Open a SR# with TAC and post the findings here - this will make us all more wise in wonderfull ways 😉 without having any issue at all...

0 Kudos
PhoneBoy
Admin
Admin

If I'm understanding the various support tasks correctly, there are some situations where the ICA needs to be updated when upgrading to R80.x from older installations that have been upgraded from legacy versions.
I don't believe it allows wholesale replacement of the ICA with something completely new (i.e. an external CA), but it does provide a mechanism to address the issue.
0 Kudos