AnsweredAssumed Answered

Working with OPSEC clients (SHA256/SHA1)

Question asked by Quinne41a9893-0917-4fe7-8d41-2f36826848bc on Sep 6, 2016
Latest reply on Sep 13, 2016 by Quinne41a9893-0917-4fe7-8d41-2f36826848bc

Within the Check Point knowledge base, there seems to be a variety of resoruces which address the inability of OPSEC applications to connect to r80.   All of these fall back to the SDK for OPSEC not being updated until r80 was formally released.


sk103840 - Describes the issue and provides a process for setting the internal CA to use SHA1 from just after install.

sk109618 - Describes how to temporarily set the CA to issue a SHA1 certificate

sk110559 - Describes how to recreate the SIC  certificate using SHA1 if it had been previously created as SHA256


The challenge is, what really works and won't require re-SICing  with the objects already communicating and using SHA256?