Support Center > Search Results > SecureKnowledge Details
How to renew Internal CA certificate Technical Level
  • CPM process is down after upgrade from R77.XX to R80.x.

  • The cpm.elg file shows:

    Caused by: com.checkpoint.infrastructure.utils.runtime.CpAssertionError: failed to load SIC cert file
    "Signature Algorithm" section of Internal CA certificate shows 2 different values.
    To view Internal CA certificate run: cpopenssl pkcs12 -in $FWDIR/conf/InternalCA.p12 -nokeys -nomacver -passin pass: | cpopenssl x509 -noout -text

  • The Internal CA certificate is expired or almost expired.
    To view the expiration date run:

    cpopenssl pkcs12 -in $FWDIR/conf/InternalCA.p12 -nokeys -nomacver -passin pass: | cpopenssl x509 -noout -enddate


Internal CA certificate format is not supported by Java, or certificate is (almost) expired and needs to be renewed.

Note: To view this solution you need to Sign In .