Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Virupaksha
Explorer
Jump to solution

Gateway certificate has expired

Hi Guys,

 

While accessing the remote VPN, getting gateway certificate expired alert.

 

Error:Connection Failed

 

"Gateway certificate has expired. Please check your's computer time and date settings"

 

I have checked the VPN expiry date but it is 14th may 2021.

 

Can you please help me on this.

 
 

 

0 Kudos
1 Solution

Accepted Solutions
_Val_
Admin
Admin

From https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solut...

To renew the certificate:

  1. Edit the Check Point Gateway Object Properties in SmartDashboard.
  2. Go to the IPSec VPN tab.
  3. Under the Repository of Certificates section, click the "Renew" button.
  4. Click "Yes" to continue.
  5. Click "OK" to generate Keys and get Internal CA Certificate.
  6. Click "OK" on the Gateway Properties.
  7. Install Policy on the gateway.

View solution in original post

10 Replies
JozkoMrkvicka
Authority
Authority

Hi,

Have you checked times on your computer and your gateway/management? Are you using NTP ?

Did you check defaultCert certificate inside IPsec VPN tab of the affected gateway ?

What warning you are getting once you install policy on affected gateway ? Or, are you even able to install policy on affected gateway ?

Do you have valid license? did you use eval lic in the past which may expire ?

Kind regards,
Jozko Mrkvicka
0 Kudos
Virupaksha
Explorer

 Hi,

 

Thanks for the reply.

 

i have checked the IPSEC VPN tab under the activie gateway. In the tab default certificate is expired.

 

Can you please help me how to renew the default certificate in the IPSEC vpn.

 

 

 

0 Kudos
Prabulingam_N1
Advisor

Hi,

You should see "Renew" button there, please try selecting the option.

 

Regards, Prabu

0 Kudos
_Val_
Admin
Admin

From https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solut...

To renew the certificate:

  1. Edit the Check Point Gateway Object Properties in SmartDashboard.
  2. Go to the IPSec VPN tab.
  3. Under the Repository of Certificates section, click the "Renew" button.
  4. Click "Yes" to continue.
  5. Click "OK" to generate Keys and get Internal CA Certificate.
  6. Click "OK" on the Gateway Properties.
  7. Install Policy on the gateway.
AkosBakos
Advisor
Advisor

Hi _Val_,

I'm just wondering maybe the VPN certificate renew can be done with mgmt_cli?
I haven't found any related topic in the guide.

What is your opinion?

BR

A

 

----------------
\m/_(>_<)_\m/
0 Kudos
PriyaRaut
Explorer

Kindly confirm if certificate to be export and share with users after renewal or it will automatically get synced ?

0 Kudos
Karan0587
Explorer

Hi  @_Val_ 

 

Is there a way the certificate can automatically renewed?

0 Kudos
_Val_
Admin
Admin

I do not think so, the procedure is already described above

0 Kudos
sarshar
Contributor

Hi Valerie,

Does the VPN connection get disrupted or glitched during the cert renewal?

Should I schedule a planned outage, even for a minute, prior to certificate generation?

0 Kudos
_Val_
Admin
Admin

Who's Valerie?

It is always a good idea to plan for downtime. Plan for a short interruption around policy installation time

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events