- Products
- Learn
- Local User Groups
- Partners
- More
What's New in R82.10?
Watch HereWhen the Agents Attack
A Live Look at Agentic Exposure Validation
AI Security Masters E8:
Claude Mythos: New Era in Cyber Security
CheckMates Go:
CheckMates Fest
Hi,
I have just enabled HTTPSi and wondering about logs.
All pages with R3 certificates reports Certificate Expired, even the cert is OK, all cert path is OK. Only one thing I found in certs is missing CRL/OCSP info, but I don't believe this is a root case for HTTPSi errors.
anyone facing such issue too?
(1800 / R80.20.35)
@IZoom
Regarding Missing CA's like [ISRG Root X1/X2] related to Let's Encrypt, we raised a case for it and received a hotfix including the additional CA's. It should be included in [R80.20.35 Build 992002480], so try contacting TAC if you want to try it.
OK, finally find some time to play with. The root case was that automatic update of trusted root certification authorities / in https inspection console / was not working. After manual update everything working fine.
In documentation is written you can disable automatic updates, but I did not found such option. There is only notify me about new updates (without choosing method).
some R3 certificates reach timeout (maybe due to missing CRL info), and in this case the behavior is trust unreachable CRL (the site is loading and not blocked)
Thank you for reply. Should not be the error message "Missing CRL" or something like that? The error message in this case looks not pointing to real issue.
@IZoom
Regarding Missing CA's like [ISRG Root X1/X2] related to Let's Encrypt, we raised a case for it and received a hotfix including the additional CA's. It should be included in [R80.20.35 Build 992002480], so try contacting TAC if you want to try it.
"Invalid CRL Retrieved" and "No Valid CRL" error messages in HTTPS Detect Logs
This may relate as well, which I believe is not included in Gaia Embedded
OK, finally find some time to play with. The root case was that automatic update of trusted root certification authorities / in https inspection console / was not working. After manual update everything working fine.
In documentation is written you can disable automatic updates, but I did not found such option. There is only notify me about new updates (without choosing method).
Hi,
can you see as well the Invalid CRL retrieved from all sites signed by LE/R3/...?
In the certificate itself is missing CRL or OCSP. Found something related in sk172345. It is strange, that you are able trough AIA verify revoked certificates, but CHP print lot of errors.
found sk172345, where checkpoint requires CRL & OCSP... Strange, that all systems incl. ssllabs.com has no issue with that.
Leaderboard
Epsum factorial non deposit quid pro quo hic escorol.
| User | Count |
|---|---|
| 6 | |
| 3 | |
| 2 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 |
Thu 09 Jul 2026 @ 10:00 AM (CEST)
Schutz souveräner Workloads: Check Point & die AWS European Sovereign CloudThu 09 Jul 2026 @ 11:00 AM (CEST)
The Cloud Architects Series: Check Point Edge Protection SD-WAN & SASEThu 09 Jul 2026 @ 11:00 AM (EDT)
Tips and Tricks 2026 #9 - What's New with Check Point Email SecurityFri 10 Jul 2026 @ 11:00 AM (IDT)
CheckMates Live Netherlands - Sessie 48: Nieuwe Check Point Workspace SecurityTue 14 Jul 2026 @ 10:00 AM (PDT)
AI Security Masters E11: READY OR NOT: Securing the AI Enterprise 3/5 - AI Workforce SecurityThu 30 Jul 2026 @ 10:00 AM (PDT)
AI Security Masters E12: READY OR NOT: Securing the AI Enterprise 4/5 - AI GatewayThu 09 Jul 2026 @ 11:00 AM (EDT)
Tips and Tricks 2026 #9 - What's New with Check Point Email SecurityFri 10 Jul 2026 @ 11:00 AM (IDT)
CheckMates Live Netherlands - Sessie 48: Nieuwe Check Point Workspace SecurityTue 14 Jul 2026 @ 10:00 AM (PDT)
AI Security Masters E11: READY OR NOT: Securing the AI Enterprise 3/5 - AI Workforce SecurityThu 30 Jul 2026 @ 10:00 AM (PDT)
AI Security Masters E12: READY OR NOT: Securing the AI Enterprise 4/5 - AI GatewayThu 20 Aug 2026 @ 10:00 AM (PDT)
AI Security Masters E13: READY OR NOT: Securing the AI Ent 5/5 - AI Research & Threat LandscapeAbout CheckMates
Learn Check Point
Advanced Learning
YOU DESERVE THE BEST SECURITY