Within the Check Point knowledge base, there seems to be a variety of resoruces which address the inability of OPSEC applications to connect to r80. All of these fall back to the SDK for OPSEC not being updated until r80 was formally released.
sk103840 - Describes the issue and provides a process for setting the internal CA to use SHA1 from just after install.
sk109618 - Describes how to temporarily set the CA to issue a SHA1 certificate
sk110559 - Describes how to recreate the SIC certificate using SHA1 if it had been previously created as SHA256
The challenge is, what really works and won't require re-SICing with the objects already communicating and using SHA256?