The information you are about to copy is INTERNAL!
DO NOT share it with anyone outside Check Point.
Unable to connect with SHA-512 user certificate on Windows Capsule
Technical Level
Solution ID
sk121418
Technical Level
Product
IPSec VPN
Version
R77.30 (EOL), R80.10 (EOL), R80.20 (EOL)
Date Created
12-Nov-2017
Last Modified
07-May-2019
Symptoms
Unable to connect with SHA-512 user certificate on Windows Capsule.
User tried with iOS Capsule Connect and this works fine.
VPND reports that client did not send certificate:
5941][29 Jun 16:36:19][tevent] T_event_mainloop_iter_select: select reports 1 events
[ 5941][29 Jun 16:36:19][CPTLS] cptlsd_trap_handler_multik: called dlen 368, type 2
[ 5941][29 Jun 16:36:19][CPTLS] CptlUrlf::HandleTrap: _len 368 _instance =0
[ 5941][29 Jun 16:36:19][CPTLS] CptlUrlf::HandleTrap: not urlf ssl trap.
[ 5941][29 Jun 16:36:19][CPTLS] cptls_urlf_trap_cb: it is not ssl urlf trap.
[ 5941][29 Jun 16:36:19][CPTLS] cptlsd_trap_handler_multik: called from kernel instance 0.
[ 5941][29 Jun 16:36:19][CPTLS] cptls_handle_msg: called. msg=HS_EVENT_HANDLER
[ 5941][29 Jun 16:36:19][CPTLS] cptls_handle_msg: kernel_instance: 0
[ 5941][29 Jun 16:36:19][CPTLS] cptls_handle_msg: conn_id: 0x00000000000001bc
[ 5941][29 Jun 16:36:19][CPTLS] cptls_ChannelTable::handleMsg: kernel instance: 0
[ 5941][29 Jun 16:36:19][CPTLS] cptls_ChannelTable::handleMsg: channel conn_id: 0x00000000000001bc
[ 5941][29 Jun 16:36:19][CPTLS] cptls_hs_event_handler: called
[ 5941][29 Jun 16:36:19][CPTLS] cptls_hs_event_handler: called from kernel instance: 0
[ 5941][29 Jun 16:36:19][CPTLS] cptls_hs_event_handler: conn_id: 0x00000000000001bc
[ 5941][29 Jun 16:36:19][CPTLS] cptls_hs_event_handler: event CPTLS_HS_MESSAGE, buf_len = 269
[ 5941][29 Jun 16:36:19][CPTLS] cptls_hs_data_handler: called
[ 5941][29 Jun 16:36:19][CPTLS] HS_msg_buffer::next_msg: buf_sz = 269
[ 5941][29 Jun 16:36:19][CPTLS] HS_msg_buffer::next_msg: msg_len = 3, *buf_sz = 269
[ 5941][29 Jun 16:36:19][CPTLS] HS_msg_buffer::next_msg: no need for buffering, a full msg in buffer
[ 5941][29 Jun 16:36:19][CPTLS] cptls_hs_data_handler: handling: CPTLS_Certificate of length: 7
[ 5941][29 Jun 16:36:19][CPTLS] cptls_hs_message_handler: called
[ 5941][29 Jun 16:36:19][CPTLS] SRV_handle_Certificate: called
[ 5941][29 Jun 16:36:19][CPTLS] Process_certificate: called
