The information you are about to copy is INTERNAL!
DO NOT share it with anyone outside Check Point.
Policy installation fails for all gateways with SIC error "Internal SSL authentication SSL error [Got alert from peer that the certificate expired]"
| Solution ID |
sk102975 |
| Product |
Security Management, Multi-Domain Management / Provider-1 |
| Version |
All |
| Platform / Model |
Intel/PC, Smart-1 |
| Date Created |
13-Oct-2014
|
| Last Modified |
26-Jul-2016
|
Symptoms
Policy installation fails for all gateways with SIC error "Internal SSL authentication SSL error [Got alert from peer that the certificate expired]".
Security Management Server / Domain Management Server has lost SIC connections with all managed Security Gateways.
Reinitializing SIC between the Security Management Server / Domain Management Server and managed Security Gateways does not resolve the issue.
$CPDIR/log/cpd.elg file on the Security Management Server / Domain Management Server contains the following messages:
SIC Error for LSMServerAddon: Got alert from peer that the certificate expiredRenew_SIC_Cert_cb: CPD failed to renew sic certificate. status = 3, rc - -1.
- When installing policy it fails with:
Installation failed. Reason: Internal SSL authentication SSL error [unknown]
- When installing policy it fails with:
Installation failed. Reason: Internal SSL authentication error [ Certificate expired.]
Cause
The Security Management Server / Domain Management Server database was imported from a different machine, and the hostname has been changed. As a result, the ICA fails to renew the certificates.
Solution
|
Note: To view this solution you need to
Sign In
.
|
