Skip to main content

Smart Dashboard unable to login to Smart Center Server

By



If you ever jump in to this Checkpoint issue with an error message that looks like this:

The connection has been refused due to one of following SmartCenter Server certificate problems:
1. The SmartCenter Server’s clock is not setup properly.
2. The certificate’s issue date is later than the date of the SmartCentre Server’s clock.
3. The Gui Client’s clock and the SmartCenter Server’s clock are not synchronized.
4. The certificate has expired.
5. The certificate is invalid.

Here is the steps on how to remedy it:
  1. Switch directories:
    cd $CPDIR/conf or C:/program files/checkpoint/cpshared/R??/conf
  2. Backup and remove the sic_cert.p12 file:
    cp sic_cert.p12 sic_cert.p12old
    rm sic_cert.p12
  3. Revoke the certificate from the SmartCenter’s Objects file:
    cpca_client revoke_cert -n “CN=cp_mgmt”
  4. Recreate a brand new sic cert for the SmartCenter:
    cpca_client create_cert -n “CN=cp_mgmt” -f sic_cert.p12
  5. Restart the Check Point processes:
    cpstop
    cpstart
There would a warning saying that if you would trust the certificate. This is normal since the certificate is new.
Good Luck!

Labels:

Comments

Post a Comment

Popular posts from this blog

How to enable SSH login access to a Cisco router

By
This guide walks you through how to setup SSH on a Cisco Router. SSH is by far more secure then telnet. Telnet allows your passwords to be sent in plain text that anyone can see and gain access to your network. SSH is all encrypted traffic. NOTE: This should work with any Cisco router provided the Cisco IOS on the router supports ssh. Firstly is ssh enabled? router#sh ip ssh SSH Disabled - version 2.0 %Please create RSA keys to enable SSH. Authentication timeout: 60 secs; Authentication retries: 5 In this case its not, if you got a error saying that sh ip ssh is not recognized then you would know that ssh is not supported or possibly that the command is different for your platform. How to enable SSH on a Cisco 800 series router# config term router(config)#crypto key generate rsa usage-keys label router-key The name for the keys will be: router-key Choose the size of the key modulus in the range of 360 to 2048 for your
1 comment
Read more

INSTALL DOT NET FRAMEWORK ON MULTIPLE SERVERS USING POWERSHELL SCRIPT

By
Installing .Net 4.5.2 $servers = Array of Servers foreach($server in $servers) { Write-Host “Copying the installation file” copy-item  –path “-SOURCE” –destination “ destination ” Write-Host “Installing .NET 4.5.2” Invoke-Command –Computername $server –Credentials xxxx { C:\Temp\ NET 4.5.2  /passive /norestart }
2 comments
Read more

Connection failed: enforce firewall policy failed (on win 7 / 64bit)

By
Connection failed: enforce firewall policy failed (on win 7 / 64bit)  error: connection failed: enforce firewall policy failed client: Check point endpoint security r75 build 835002205 on win 7 / 64 bit The solution is to find driver file vsdatant.sys and copy it to system32/drivers Ref :- https://forums.checkpoint.com/forums/thread.jspa?messageID=46927 
1 comment
Read more