This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Virupaksha
Explorer
‎2020-07-14 10:51 PM
Jump to solution

Gateway certificate has expired

Hi Guys,

 

While accessing the remote VPN, getting gateway certificate expired alert.

 

Error:Connection Failed

 

"Gateway certificate has expired. Please check your's computer time and date settings"

 

I have checked the VPN expiry date but it is 14th may 2021.

 

Can you please help me on this.

 
 

 

0 Kudos
1 Solution

Accepted Solutions
_Val_
Admin
Admin
‎2020-07-15 12:51 AM
Jump to solution

From https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solut...

To renew the certificate:

  1. Edit the Check Point Gateway Object Properties in SmartDashboard.
  2. Go to the IPSec VPN tab.
  3. Under the Repository of Certificates section, click the "Renew" button.
  4. Click "Yes" to continue.
  5. Click "OK" to generate Keys and get Internal CA Certificate.
  6. Click "OK" on the Gateway Properties.
  7. Install Policy on the gateway.

View solution in original post

10 Replies
JozkoMrkvicka
Authority
Authority
‎2020-07-14 11:01 PM
Jump to solution

Hi,

Have you checked times on your computer and your gateway/management? Are you using NTP ?

Did you check defaultCert certificate inside IPsec VPN tab of the affected gateway ?

What warning you are getting once you install policy on affected gateway ? Or, are you even able to install policy on affected gateway ?

Do you have valid license? did you use eval lic in the past which may expire ?

Kind regards,
Jozko Mrkvicka
0 Kudos
Virupaksha
Explorer
‎2020-07-15 12:08 AM
In response to JozkoMrkvicka
Jump to solution

 Hi,

 

Thanks for the reply.

 

i have checked the IPSEC VPN tab under the activie gateway. In the tab default certificate is expired.

 

Can you please help me how to renew the default certificate in the IPSEC vpn.

 

 

 

0 Kudos
Prabulingam_N1
Advisor
‎2020-07-16 08:29 AM
In response to Virupaksha
Jump to solution

Hi,

You should see "Renew" button there, please try selecting the option.

 

Regards, Prabu

0 Kudos
_Val_
Admin
Admin
‎2020-07-15 12:51 AM
Jump to solution

From https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solut...

To renew the certificate:

  1. Edit the Check Point Gateway Object Properties in SmartDashboard.
  2. Go to the IPSec VPN tab.
  3. Under the Repository of Certificates section, click the "Renew" button.
  4. Click "Yes" to continue.
  5. Click "OK" to generate Keys and get Internal CA Certificate.
  6. Click "OK" on the Gateway Properties.
  7. Install Policy on the gateway.
AkosBakos
Mentor Mentor
Mentor
‎2021-07-28 12:50 AM
In response to _Val_
Jump to solution

Hi _Val_,

I'm just wondering maybe the VPN certificate renew can be done with mgmt_cli?
I haven't found any related topic in the guide.

What is your opinion?

BR

A

 

----------------
\m/_(>_<)_\m/
0 Kudos
PriyaRaut
Explorer
‎2022-05-31 12:55 AM
In response to _Val_
Jump to solution

Kindly confirm if certificate to be export and share with users after renewal or it will automatically get synced ?

0 Kudos
Karan0587
Explorer
‎2023-04-13 05:36 PM
In response to _Val_
Jump to solution

Hi  @_Val_ 

 

Is there a way the certificate can automatically renewed?

0 Kudos
_Val_
Admin
Admin
‎2023-04-17 03:10 AM
In response to Karan0587
Jump to solution

I do not think so, the procedure is already described above

0 Kudos
sarshar
Contributor
‎2023-12-05 06:19 AM
In response to _Val_
Jump to solution

Hi Valerie,

Does the VPN connection get disrupted or glitched during the cert renewal?

Should I schedule a planned outage, even for a minute, prior to certificate generation?

0 Kudos
_Val_
Admin
Admin
‎2023-12-05 06:28 AM
In response to sarshar
Jump to solution

Who's Valerie?

It is always a good idea to plan for downtime. Plan for a short interruption around policy installation time

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events
    Top