- Products
- Learn
- Local User Groups
- Partners
- More
This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
- Products
- Learn
- Local User Groups
- Upcoming Events
- Americas
- EMEA
- Czech Republic and Slovakia
- Denmark
- Netherlands
- Germany
- Sweden
- United Kingdom and Ireland
- France
- Spain
- Norway
- Ukraine
- Baltics and Finland
- Greece
- Portugal
- Austria
- Kazakhstan and CIS
- Switzerland
- Romania
- Turkey
- Belarus
- Belgium & Luxembourg
- Russia
- Poland
- Georgia
- DACH - Germany, Austria and Switzerland
- Iberia
- Africa
- Adriatics Region
- Eastern Africa
- Israel
- Nordics
- Middle East and Africa
- Balkans
- Italy
- Bulgaria
- Cyprus
- APAC
- Partners
- More
- ABOUT CHECKMATES & FAQ
- Sign In
- Leaderboard
- Events
Firewall Uptime, Reimagined
How AIOps Simplifies Operations and Prevents Outages
Introduction to Lakera:
Securing the AI Frontier!
Check Point Named Leader
2025 Gartner® Magic Quadrant™ for Hybrid Mesh Firewall
HTTPS Inspection
Help us to understand your needs better
CheckMates Go:
SharePoint CVEs and More!
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Who rated this post
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
IMPORTANT - Action Required For VPN/Remote Access Security Gateways Using DigiCert - by Sep 8, 2025
Hi CheckMates!
This message is relevant only for customers using VPN Site-to-Site and Remote Access VPN Security Gateways using certificates issued by DigiCert External CA.
No action is required if DigiCert External CA is not deployed on your Security Gateways.
To check if your VPN/Remote Access Security Gateways use DigiCert External CA, follow these simple steps in the sk183884.
On September 8, 2025, DigiCert will stop supporting HTTP/1.0 for OCSP and CRL checks. Without upgrading protocol support, DigiCert certificate validation may fail, and will affect Site-to-Site and Remote Access VPNs on Check Point gateways.
To maintain VPN continuity, a tool has been provided to identify VPN/Remote Access gateways using the DigiCert External Certificate, followed by a hotfix update to be applied on the gateway, upgrading communication to HTTP 1.1.
All information regarding affected Security Gateways, using the discovery tool, and the hotfix is available here.
Support services are available for questions or assistance at https://www.checkpoint.com/support-services/contact-support/.
UPDATE: The SK now has all hotfixes you might need directly linked, as we al the scripts and verification steps to make sure you might need them
UPDATE 2: For those with outbound HTTPS Inspection, there is another SK available: https://support.checkpoint.com/results/sk/sk183887
UPDATE 3: DigiCert Certificate Expiration Mitigated
We are pleased to share that we have successfully mitigated the DigiCert certificate issue together with DigiCert’s engineering team. There is no need to urgently install a Hotfix on the Security Gateways.
Your Check Point Security Gateways using Site-to-Site VPN, Remote Access VPN, and Outbound HTTPS Inspection will continue to operate smoothly beyond the September 8, 2025 timeline, even without applying the hotfix in advance.
That said, our latest Jumbo Hotfix Accumulator changes the communication method from HTTP/1.0 to HTTP/1.1, ensuring long-term compatibility with all certificate authority services. We strongly recommend that you install it at your convenience. More details can be found here.
As always, we remain at your service and are here to support you with this or any other issue.
About CheckMates
Learn Check Point
Advanced Learning
YOU DESERVE THE BEST SECURITY
©1994-2025 Check Point Software Technologies Ltd. All rights reserved.
Copyright
Privacy Policy
About Us
UserCenter