This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
matti
Explorer
‎2020-06-17 04:04 AM

SIC certificate for OPSEC expired

Hello team,

We are managing a smart center running on GAIA R77.30 (yes the version is obsolate 😉). We have a customer OPSEC server connecting to our device and we found out that the SIC certificate expired, checked on the smart center and on the OPSEC servers log.

I am wondering if by resetting the SIC status on the smart center would also generate the new certificate? In this case I assume that resetting the SIC and setting a new PSK would solve the issue.

From what I read there is an option to generate a new certificate using the ICA Management tool. sk62873 sk39915

Here I am a bit lost how to generate the new certificate.

 

In the documentation I found this related for the SIC certificate automatic renewal however I am not sure if it relates to third party devices.

Automatic renewal of SIC certificates ensuring continuous SIC connectivity

SIC certificates are renewed automatically after 75% of the validity time of the certificate has passed. If, for example, the SIC certificate is valid for five years, 3.75 years after it was issued, a new certificate is created and downloaded automatically to the SIC entity. This automatic renewal ensures that the SIC connectivity of the gateway is continuous. The administrator can decide to revoke the old certificate automatically or after a set period of time. By default, the old certificate is revoked one week after the certificate renewal has taken place.

https://sc1.checkpoint.com/documents/R76/CP_R76_SecMan_WebAdmin/html_frameset.htm?topic=documents/R7...

 

Any thoughts are appreciated 🙂

 

Thanks a lot.

Matt

0 Kudos
1 Reply
shabib
Explorer
‎2024-07-22 07:17 AM

Hi Matt,

I was looking at R81.10 and found the same information but wanted to know how long my certs have left?

Did you get the answer you were looking for?

Regards,

Shabib

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events
    Top