Support Center > Search Results > SecureKnowledge Details
'fwm sic_reset' is not working on Security Management R75.40 and R75.40VS Technical Level
Symptoms
  • After running the "fwm sic_reset&" command on R75.40 and R75.40VS Security Management Server, the internal_ca object cannot be found in SmartDashboard on "Firewall" tab > "Servers and OPSEC Applications" > "Servers".

  • Following message pops up in SmartDashboard when closing Check Point object properties:
    Cannot add certificate when no Certificate Authority Server exists.
    You must first define Certificate Authority Server object.

  • Debug of FWM daemon (per sk86186 / sk33207) shows that when FWM runs for first time after SIC reset, the internal_ca object already exists and therefore inserting newly created internal_ca object fails:
    [FWM PID ...]@HostName[Date Time] CLinksSqlDb::IsNameUsed: executing query select * from object_id_to_table_name where table_name = 'servers' and object_name = 'internal_ca'
    [FWM PID ...]@HostName[Date Time] CSrvObj::Update - Object internal_ca already created by another user write_using_CPMI_and_add_to_downgrade_hash: Update failed: Object internal_ca already created by another user

Cause

Specifically in R75.40 and R75.40VS versions, newly created ICA object fails to be added into the management database because it still exists in the $FWDIR/conf/CPMILinksMgr.db file.


Solution
Note: To view this solution you need to Sign In .