This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Moudar
Advisor
‎2024-06-30 10:31 AM

Certificate renew

Hi

I got a central office with 6500 appliance cluster and branch office with 1575 SMB.

On central office I got this alert:

Warning (The VPN Certificate "CN=fwcl VPN Certificate,O=sacheck01.kis.local.p33pae" will expire on Wed Aug 28 12:54:06 2024. To renew it, follow <a href = "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk178304">sk178304</a>)

 

The question:

If I renew the certificate at the central office, will it affect the branch office? Do I need to renew branch office at the same time?

The branch office certificate expires in one year, while the central office certificate expires in one month.

 

6 Replies
the_rock
Legend
Legend
‎2024-06-30 11:43 AM

No need bro, just renew central, push policy.

Andy

0 Kudos
genisis__
Leader Leader
Leader
‎2024-06-30 01:45 PM

Long as all the satellites and central gateways are managed from the same SMS then it would not matter as certificates are used for authentication.
What you may also want to consider is to ensure the certificate is renewed for a longer period of time (sk170558).

0 Kudos
the_rock
Legend
Legend
‎2024-06-30 07:38 PM
In response to genisis__

One thing to keep in mind is that 3 years is now longest period possible and you have to renew vpn cert to reflect that once you extend it on mgmt server. Theres an sk with command for it, but hates me now to search for it on my iphone lol

Andy

0 Kudos
the_rock
Legend
Legend
‎2024-06-30 07:43 PM
In response to the_rock

Nm, here it is 🙂

https://support.checkpoint.com/results/sk/sk176527

0 Kudos
Moudar
Advisor
‎2024-07-01 12:05 AM
In response to the_rock

Do I need to perform this procedure during a maintenance window because an outage of VPN tunnels may occur?

0 Kudos
the_rock
Legend
Legend
‎2024-07-01 04:44 AM
In response to Moudar

You can do it any time, but to be safe, better outside normal hours.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events