[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [FW1] Cert isn't displayed after fw internalca?
To make this work you must have close the GUI. Perform an fwstop on the firewall and management server. Perform the fw internalca command and then the fwstart. Not performing the fwstop first will ensure it will not work Leaving the GUI open and then performing fwstop crashes the GUI and prevents the creation of the cert impossible. Also the correct command format is (performed on management server): fw internalca create -dn "o=company, c=us" -force fw internalca certify fw_object (Force should not be necessary on this line because the previous force wiped out everything. Note line doesn't contain "o=company, c=us") cameron. Dan Hitchcock wrote: > This has been buggy for me as well. I have had success with forcibly > re-creating the cert (add -force at the end of the internalca create line, > using the same dn as the original cert), then cycling the service using the > NT control panel. Not sure if something similar would do the trick on *nix. > > Dan Hitchcock > CCNA, MCSE > Network Engineer > Xylo, Inc. >> The work/life solution for corporate thought leaders > > -----Original Message----- > From: Jeff Newton [mailto:[email protected]] > Sent: Wednesday, December 06, 2000 11:19 AM > To: [email protected] > Subject: [FW1] Cert isn't displayed after fw internalca? > > >fwstop > >cd $FWDIR/bin > >fw internalca create -dn "o=whatever, c=com" > >fw internalca certify -o fw_object "o=whatever, c=com" > > Anyone know why the cert wouldn't show up in the cert tab of the fw > object after the above is done? > > Cheers, > > ---- > Jeff Newton > > ============================================================================ > ==== > To unsubscribe from this mailing list, please see the instructions at > http://www.checkpoint.com/services/mailing.html > ============================================================================ > ==== > > ================================================================================ > To unsubscribe from this mailing list, please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================================================ ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|