This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
RickyDan
Contributor
‎2022-07-17 12:25 PM

Wildcard certificate not trusted

I uploaded a DigiCert wildcard certificate for *.domain.com via Gateway Properties > Mobile Access > Portal Settings. I configured a VPN site using vpn.domain.com as the server name but I still get a certificate not trusted error while creating the site. The details window said that the certificate is for *.domain.com while the site is for vpn.domain.com. 

Are wildcard certs supported for remote access VPN? What do I need to do?

Labels
0 Kudos
10 Replies
the_rock
Legend
Legend
‎2022-07-17 02:48 PM

Im pretty positive that wildcard certs are indeed supported. I think one of my customers had this exact issue before, so will try comb through my notes tomorrow and see how we fixed it.

0 Kudos
RickyDan
Contributor
‎2022-07-18 05:15 AM
In response to the_rock

Ok thanks. Awaiting your update.

0 Kudos
the_rock
Legend
Legend
‎2022-07-18 05:37 AM
In response to RickyDan

Would you mind send a screenshot? I just want to confirm it was exact same issue I had as well.

0 Kudos
the_rock
Legend
Legend
‎2022-07-18 05:46 AM
In response to RickyDan

Definitely not the same issue, their problem was that something was wrong with the cert, once they got the right one, all worked fine. Anyway, here is what I find a bit odd...why does it show connecting to *.abc.com, rather than say vpn.abc.com? That makes no sense...what are people entering when creating a site?

0 Kudos
RickyDan
Contributor
‎2022-07-18 05:51 AM
In response to the_rock

I created the VPN site with vpn.domain.com and the wildcard cert is uploaded in the Mobile Access portal settings.

0 Kudos
Ruan_Kotze
Advisor
‎2022-07-18 06:00 AM

Yes this is a known issue - wildcards are supported but you will get this warning on the 1st connection.  I recall previous discussions on CheckMates where this was also highlighted.  In my opinion the warning should not be thrown.

0 Kudos
the_rock
Legend
Legend
‎2022-07-18 06:07 AM
In response to Ruan_Kotze

Thats good to know, because I dont recall seeing that before on first connection. I know thats been like forever for regular RA vpn, but dont remember seeing it when using wildcard cert for mobile access. Maybe its just me getting old-ER : - )

0 Kudos
RickyDan
Contributor
‎2022-07-18 06:12 AM
In response to Ruan_Kotze

Hey, thanks. This means it makes no difference leaving it as the self-signed certificate since the warning still shows when creating the site.

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events
    Top