Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
ErikV
Explorer

Automatic certificate renewal

Hello,

 

With the maximum validity period of certificates becoming shorter all the time it is a challenge for large deployments to renew everything. Is there a known solution to automate this for the remote access solutions of Check Point? And maybe even the Gaia interface as well? (some of our customers even have an external wildcard certificate on their Gaia webinterface). 

Things like certbot don't apply for the VPN solution I guess, or maybe via the API?

Thanks in advance,

Regards,

Erik

 

0 Kudos
(1)
5 Replies
PhoneBoy
Admin
Admin

If you're using the ICA, then in theory, the certificates should renew automatically.
For an external CA, I'm not aware of an easy way to automate this stuff as there aren't really APIs or CLI commands to do this that I'm aware of.

0 Kudos
ErikV
Explorer

I see in API v1.8 there are certificate installation options for the platform portal and the usercheck page, but not for the mobile access portal (or I did not find it yet). Let's hope this will be added in the near future as well!

Regards,

Erik

 

0 Kudos
checkfreehs
Explorer

There must be something for this right?

Can't believe that we still need to do this time consuming job by hand every year again.

0 Kudos

Hi, Did you find any solution on this problem.?

0 Kudos

Hello, 

i just had the same issue now, VPN from a remote GW just stopped.


Not Valid Before: Mon Nov 15 12:55:30 2021 Local Time
Not Valid After:  Wed Nov 16 12:55:30 2022 Local Time


Unbenannt.PNG

 

 

 


But iam not sure if VPN certificates really get renewed automatically?
Where in a guide/SK is this written?
Anyway, i have seen this too often i will open a case and ask TAC.

i will keep u posted!

 

0 Kudos