This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Help

Who rated this post

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Bob_Zimmerman
Authority
Authority
‎2025-06-30 12:41 PM
In response to PhoneBoy

Yes, it's $CPDIR/conf/sic_cert.p12. On my management:

[Expert@DallasSC]# cpca_client lscert -kind SIC -stat Valid
Operation succeeded. rc=0.
6 certs found.

Subject = CN=DallasticVS1,O=DallasSC.mylab.test.popnik
Status = Valid   Kind = SIC   Serial = 12159   DP = 0
Not_Before: Sat Jun  7 18:35:33 2025   Not_After: Sat Jun  8 18:35:33 2030

Subject = CN=DallasticXL,O=DallasSC.mylab.test.popnik
Status = Valid   Kind = SIC   Serial = 89094   DP = 0
Not_Before: Sat Jun  7 18:17:01 2025   Not_After: Sat Jun  8 18:17:01 2030
...

And on one of my VSNext members:

[Expert@DallasticXL-s01-01:0]# cpopenssl pkcs12 -passin "pass:vpn123" -nomacver -nokeys -in $CPDIR/CTX/CTX00001/conf/sic_cert.p12 | cpopenssl x509 -text | egrep "(Subject|Serial Number):"
        Serial Number: 12159 (0x2f7f)
        Subject: O = DallasSC.mylab.test.popnik, CN = DallasticVS1

[Expert@DallasticXL-s01-01:0]# cpopenssl pkcs12 -passin "pass:vpn123" -nomacver -nokeys -in $CPDIR/conf/sic_cert.p12 | cpopenssl x509 -text | egrep "(Subject|Serial Number):"
        Serial Number: 89094 (0x15c06)
        Subject: O = DallasSC.mylab.test.popnik, CN = DallasticXL

You can see the subjects match exactly (though you have to interpret the DN), as do the serial numbers.

View solution in original post

(1)
Who rated this post