Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Wolfgang
Mentor
Mentor

error viewing certificate HTTPS inspection

Jump to solution

We changed the certificate of  HTTPS inspection via Smartdashboard following How to renew, import, or export a new HTTPS Inspection certificate

Certificate is imported without error in old Smartconsole application and seen with the correct date and issuer. But in SmartDashboard following error shown if we try to view the certificate. Diabling HTTPS inspection and renew again does not work

Any ideas?

Screenshot 2022-06-13 165636.png

0 Kudos
1 Solution

Accepted Solutions
Alex-
Advisor

I believe I've had a similar issue a few times and might be due to some sort of asynchronous communication between the legacy and the new console. 

It was solved by doing something like regenerating or importing the certificate in Smart Dashboard then exiting it, not publishing but editing the cluster object to view the certificate, press OK so the cluster object is also updated, then publishing and install the policy. I'm sorry I can't be more specific, I don't have right now an environment where I can check that but it was the idea.

View solution in original post

6 Replies
Vladimir
Champion
Champion

@Wolfgang , you are stating that you have imported the new certificate. Does that mean it was created by different CA? if so, is that CA added to your Trusted CAs?

0 Kudos
Wolfgang
Mentor
Mentor

@Vladimir @yes, it is. The error will be the same if we issue a new certificate from the CheckPoints internal CA.

0 Kudos
Vladimir
Champion
Champion

Can you open that cert outside of the SmartConsole environment (by double-clicking)? SmartConsole using MS Crypto Shell Extensions as default app for file type. I wander if you may have changed the default app for certs on that PC.

0 Kudos
Alex-
Advisor

I believe I've had a similar issue a few times and might be due to some sort of asynchronous communication between the legacy and the new console. 

It was solved by doing something like regenerating or importing the certificate in Smart Dashboard then exiting it, not publishing but editing the cluster object to view the certificate, press OK so the cluster object is also updated, then publishing and install the policy. I'm sorry I can't be more specific, I don't have right now an environment where I can check that but it was the idea.

Wolfgang
Mentor
Mentor

@Alex- thanks a lot. Don't publish after import of the new certificate via old SmartDashboard then changing something of the gateway object in the normal SmartConsole, close gateway object and then doing publish.

These terrible old SmartDashboard should be deleted and go away......... 😎

the_rock
Champion
Champion

I agree 100%. I cant understand for the life of me WHY those old legacy dashboards are still there to edit stuff like inspection, mobile access, qos. Logically, makes no sense to me, just my personal opinion.

0 Kudos