AnsweredAssumed Answered

Replace Internal CA - SSL Inspection with own certificate.

Question asked by Georgi Lyaskov on Apr 26, 2018
Latest reply on Apr 27, 2018 by Dameon Welch Abernathy

Hello Checkmates,

 

I'm testing the SSL Inspection on Checkpoint 790 with R77.20.75 firmware. With the dafault internal certificate it works as described in the instructions. 

According to the sk121214, I can use my own certificate by replacing the internal CA.

I'm trying to use one issued by our Private PKI server. I can preview the certificate, but when I apply, the firewall appliance load it, but with error: Invalid certificate file.

 

As a result also the VPN service is affected, and my only option to recover is to Reinitialize Certificates.

 

What are the specific requirements for the replacing certificate, in addition to that it should be .p12 or .pfx?

Outcomes