- Products
- Learn
- Local User Groups
- Partners
- More
Access Control and Threat Prevention Best Practices
5 November @ 5pm CET / 11am ET
Firewall Uptime, Reimagined
How AIOps Simplifies Operations and Prevents Outages
HTTPS Inspection
Help us to understand your needs better
CheckMates Go:
Spark Management Portal and More!
Here is the note I made:
How to get updates working when there is an upstream Proxy doing Deep SSL Inspection:
You will need to export the CA file from the upstream device and then add this to the ca-bundle.crt file in two locations on the Checkpoint Manager (assuming that this is where the issue is).
$CPDIR/conf/ca-bundle.crt <-- This is so that Application level updates can work.
$FWDIR/bin/ca-bundle.crt <-- This is so that GAIA level updates work.
Note this has been tested from a R80.40 SMS. However important to note that the file could change as part of upgrade or jumbo installation.
Additionally the above solution is not supported by TAC.
About CheckMates
Learn Check Point
Advanced Learning
YOU DESERVE THE BEST SECURITY