Who rated this post - Check Point CheckMates

The State of Ransomware Q1 2026
Key Trends and Their Impact

Good, Better, Best:
Prioritizing Defenses Against Credential Abuse

Watch Now!

AI Security Masters E7:
How CPR Broke ChatGPT's Isolation and What It Means for You

Watch Now!

Blueprint Architecture for Securing
The AI Factory & AI Data Center

Learn More!

Call For Papers
Your Expertise. Our Stage

Learn More!

CheckMates Go:
CheckMates Fest

Listen Now

Yes, it's $CPDIR/conf/sic_cert.p12. On my management:

[Expert@DallasSC]# cpca_client lscert -kind SIC -stat Valid
Operation succeeded. rc=0.
6 certs found.

Subject = CN=DallasticVS1,O=DallasSC.mylab.test.popnik
Status = Valid   Kind = SIC   Serial = 12159   DP = 0
Not_Before: Sat Jun  7 18:35:33 2025   Not_After: Sat Jun  8 18:35:33 2030

Subject = CN=DallasticXL,O=DallasSC.mylab.test.popnik
Status = Valid   Kind = SIC   Serial = 89094   DP = 0
Not_Before: Sat Jun  7 18:17:01 2025   Not_After: Sat Jun  8 18:17:01 2030
...

And on one of my VSNext members:

[Expert@DallasticXL-s01-01:0]# cpopenssl pkcs12 -passin "pass:vpn123" -nomacver -nokeys -in $CPDIR/CTX/CTX00001/conf/sic_cert.p12 | cpopenssl x509 -text | egrep "(Subject|Serial Number):"
        Serial Number: 12159 (0x2f7f)
        Subject: O = DallasSC.mylab.test.popnik, CN = DallasticVS1

[Expert@DallasticXL-s01-01:0]# cpopenssl pkcs12 -passin "pass:vpn123" -nomacver -nokeys -in $CPDIR/conf/sic_cert.p12 | cpopenssl x509 -text | egrep "(Subject|Serial Number):"
        Serial Number: 89094 (0x15c06)
        Subject: O = DallasSC.mylab.test.popnik, CN = DallasticXL

You can see the subjects match exactly (though you have to interpret the DN), as do the serial numbers.

View solution in original post

Who rated this post

Explorer

Rating date: