Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FW1] Cert isn't displayed after fw internalca?

To: [email protected]
Subject: Re: [FW1] Cert isn't displayed after fw internalca?
From: Jeff Newton <[email protected]>
Date: Fri, 8 Dec 2000 14:55:57 -0800 (PST)
Reply-to: Jeff Newton <[email protected]>
Sender: [email protected]


This would NOT work until I removed IKE encryption from the fw object
and did a policy reload.

Cheers,

>To make this work you must have close the GUI.  Perform an fwstop on 
the firewall
>and management server.  Perform the fw internalca command and then 
the fwstart.  Not
>performing the fwstop first will ensure it will not work  Leaving the 
GUI open and
>then performing fwstop crashes the GUI and prevents the creation of 
the cert
>impossible.
>
>Also the correct command format is (performed on management server):
>fw internalca create -dn "o=company, c=us" -force
>fw internalca certify fw_object (Force should not be necessary on 
this line because
>the previous force wiped out everything.  Note line doesn't contain 
"o=company,
>c=us")
>
>cameron.
>
>
>
>Dan Hitchcock wrote:
>
>> This has been buggy for me as well.  I have had success with 
forcibly
>> re-creating the cert (add -force at the end of the internalca 
create line,
>> using the same dn as the original cert), then cycling the service 
using the
>> NT control panel.  Not sure if something similar would do the trick 
on *nix.
>>
>> Dan Hitchcock
>> CCNA, MCSE
>> Network Engineer
>> Xylo, Inc.
>>>> The work/life solution for corporate thought leaders
>>
>> -----Original Message-----
>> From: Jeff Newton [mailto:[email protected]]
>> Sent: Wednesday, December 06, 2000 11:19 AM
>> To: [email protected]
>> Subject: [FW1] Cert isn't displayed after fw internalca?
>>
>> >fwstop
>> >cd $FWDIR/bin
>> >fw internalca create -dn "o=whatever, c=com"
>> >fw internalca certify -o fw_object "o=whatever, c=com"
>>
>> Anyone know why the cert wouldn't show up in the cert tab of the fw
>> object after the above is done?
>>
>> Cheers,
>>
>> ----
>> Jeff Newton
>>
>> 
======================================================================
======
>> ====
>>      To unsubscribe from this mailing list, please see the 
instructions at
>>                http://www.checkpoint.com/services/mailing.html
>> 
======================================================================
======
>> ====
>>
>> 
======================================================================
==========
>>      To unsubscribe from this mailing list, please see the 
instructions at
>>                http://www.checkpoint.com/services/mailing.html
>> 
======================================================================
==========

----
Jeff Newton
Security Analyst
PMC-Sierra Inc.


================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================

Prev by Date: Re: [FW1] Hybrid IKE auths fine but no connectivity to encryption domain?
Next by Date: Re: [FW1] SecureRemote and WINS
Previous by thread: Re: [FW1] Cert isn't displayed after fw internalca?
Next by thread: [FW1] SurfControl for Firewall-1
Index(es):
- Date
- Thread