Check Point Certificate(s) expired or about to expire

This is a real-life sample alert from indeni.

Description:

Some of the certificates configured on this management server have expired or are about to expire.

indeni will re-check this alert every 1 minute. If indeni determines the issue has been resolved, it will automatically be flagged as such.

Expiring/Expired Certificates:

  • Certificate with DN cn=john doe,ou=standard users,ou=users,ou=us,dc=us,dc=mycompany,dc=com with expiration date of Aug 06 11:48:39 2014 EST

This is a user certificate. An expired user certificate means that the user will not be able to log in.

  • Certificate with DN cn=jcnj-fw1 vpn certificate,o=northamerica.mycompany.com.hnuj7k with expiration date of Sep 29 17:55:29 2014 EST.

This is a firewall VPN certificate. An expired VPN certificate may mean a VPN tunnel going down.

Manual Remediation Steps:

Review the list of certificates and act according to the certificate type described above.

For VPN certificates, review SK61087.
For user certificates, review the Remote Access VPN documentation.

How does this alert work?

When indeni connects to Check Point CMAs or Domains (under MDM), it automatically pulls the certificates in use and tracks their expiration dates. The list of certificates is refreshed on an hourly basis.
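The sketch below is an added example, not indeni's code: it parses certificate lines in the format this alert uses and sorts them into expired, expiring and ok. The 30-day warning window, the rule that a VPN certificate has "vpn certificate" in its CN, and the sample DNs are assumptions made for illustration.

```python
import re
from datetime import datetime, timedelta

# Constructed sample lines in the alert's format; the DNs are made up.
SAMPLE_ALERT = """\
Certificate with DN cn=alice example,ou=users,dc=example,dc=com with expiration date of Aug 06 11:48:39 2014 EST
Certificate with DN cn=gw1 vpn certificate,o=example.com.abc123 with expiration date of Sep 29 17:55:29 2014 EST.
Certificate with DN cn=gw2 vpn certificate,o=example.com.abc123 with expiration date of Mar 01 09:00:00 2015 EST
"""

LINE_RE = re.compile(
    r"Certificate with DN (?P<dn>.+) with expiration date of "
    r"(?P<ts>\w{3} \d{2} \d{2}:\d{2}:\d{2} \d{4}) (?P<tz>[A-Z]{2,5})\.?\s*$"
)

# Impact per certificate type, as stated in the alert description.
IMPACT = {
    "user": "user will not be able to log in",
    "vpn": "VPN tunnel may go down",
}

def classify(alert_text, now, warn_days=30):
    """Return one finding per certificate line, soonest expiry first."""
    findings = []
    for line in alert_text.splitlines():
        m = LINE_RE.search(line.strip())
        if m is None:
            continue  # not a certificate line
        # The zone abbreviation is captured but not converted: `now` is
        # assumed to be in the same zone as the alert's timestamps.
        expires = datetime.strptime(m["ts"], "%b %d %H:%M:%S %Y")
        # Assumption: VPN certificates carry "vpn certificate" in the CN.
        kind = "vpn" if "vpn certificate" in m["dn"].lower() else "user"
        if expires <= now:
            status = "expired"
        elif expires - now <= timedelta(days=warn_days):
            status = "expiring"
        else:
            status = "ok"
        findings.append({"dn": m["dn"], "kind": kind, "status": status,
                         "expires": expires, "impact": IMPACT[kind]})
    return sorted(findings, key=lambda f: f["expires"])

if __name__ == "__main__":
    for f in classify(SAMPLE_ALERT, now=datetime(2014, 9, 1)):
        print(f["status"], f["kind"], f["expires"], f["dn"], "->", f["impact"])
```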
