when you're executing the certify command it should be:
fw internalca certify - o firewall_object_name
Thats all!
If that still doesn't work, try both commands again but with the -force
option at the end. that will force the re-creation and re-certification of
the CA
ie:
fwstop
fw internalca create - dn "o=mycompany, c=mycountrycode" -force
fw internalca certify -o firewall_object_name -force
fwstart
that should do it,
Cheers,
Ashleigh Martin
Senior Systems Engineer
Data#3 Group Pty Ltd
Ph: +61 3 9864 2000
Fx: +61 3 9864 2099
mailto: [email protected]
Web Site: http://www.data3.com.au
"David Bazillio"
<[email protected]> To: <[email protected]>
Sent by: cc:
[email protected] Subject: [FW1] IKE Hybrid :problem for creating certificate
kpoint.com
20/06/2001 11:17 PM
Hi everybody,
We would like to implement IKE hybrid, we have Chekpoint FW 1- VPN1 4.1 Sp3
for the module management and also for the firewall itself.
On the management console:
1) fwstop
2) fw internalca create -dn "o=mycompany, c=mycountrycode"
3) fw internalca certify -o myfwhostname "o=mycompany, c=mycountrycode"
4) fwstart
But, the certificate doesn't appear in the GUI management although CA and
certificate have been created succesfully and there is no server of
certificate authority, is it normal?
Can anyone help me?
Another question, we use SecuRemote 4.1 Sp3-DES pointed to the external IP
adress of our firewall,
The connection begins with a topology download, but does the connection has
to be made with the firewall itself or with the console management ?
Thanks
David
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================