Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
matti
Explorer

SIC certificate for OPSEC expired

Hello team,

We are managing a smart center running on GAIA R77.30 (yes the version is obsolate 😉). We have a customer OPSEC server connecting to our device and we found out that the SIC certificate expired, checked on the smart center and on the OPSEC servers log.

I am wondering if by resetting the SIC status on the smart center would also generate the new certificate? In this case I assume that resetting the SIC and setting a new PSK would solve the issue.

From what I read there is an option to generate a new certificate using the ICA Management tool. sk62873 sk39915

Here I am a bit lost how to generate the new certificate.

 

In the documentation I found this related for the SIC certificate automatic renewal however I am not sure if it relates to third party devices.

Automatic renewal of SIC certificates ensuring continuous SIC connectivity

SIC certificates are renewed automatically after 75% of the validity time of the certificate has passed. If, for example, the SIC certificate is valid for five years, 3.75 years after it was issued, a new certificate is created and downloaded automatically to the SIC entity. This automatic renewal ensures that the SIC connectivity of the gateway is continuous. The administrator can decide to revoke the old certificate automatically or after a set period of time. By default, the old certificate is revoked one week after the certificate renewal has taken place.

https://sc1.checkpoint.com/documents/R76/CP_R76_SecMan_WebAdmin/html_frameset.htm?topic=documents/R7...

 

Any thoughts are appreciated 🙂

 

Thanks a lot.

Matt

0 Kudos
1 Reply
shabib
Explorer

Hi Matt,

I was looking at R81.10 and found the same information but wanted to know how long my certs have left?

Did you get the answer you were looking for?

Regards,

Shabib

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events