Support Center > Search Results > SecureKnowledge Details
How to check VPN certificate expiration date from command line on Security Management Technical Level
Solution

The dates of the VPN certificates on the Security Management can be verified with the cpca_client lscert command in the following way (the following example is done for a CMA called Example_Management Server on an MDS):

--------------------
[Expert@provider:0]# mdsenv Example_Management_Server
[Expert@provider:0]# cpca_client lscert -stat Valid -kind IKE
Operation succeeded. rc=0.
1 certs found.

Subject = CN=cpmodule VPN Certificate,O=Example_Management_Server.checkpoint.com.d2hitj
Status = Valid Kind = IKE Serial = 91912 DP = 1
Not_Before: Wed Jan 14 14:19:02 2015 Not_After: Tue Jan 14 14:19:02 2020
--------------------

The expiration date is shown as 'Not_After: Tue Jan 14 14:19:02 2020' for this VPN Certificate.

Note: this command output has only Internal CA certificates, external CA certificates will not be shown.


Related solutions:

This solution has been verified for the specific scenario, described by the combination of Product, Version and Symptoms. It may not work in other scenarios.

Give us Feedback
Please rate this document
[1=Worst,5=Best]
Comment