How to determine SIC Certificate expiration date

From cpwiki.net
Jump to: navigation, search
Check Point Profressional Services

How to determine SIC Certificate expiration date

Solution ID: sk62873 Product: SecurePlatform Version: R70, R71, R75 OS: SecurePlatform, SecurePlatform 2.6, Windows Platform: All Last Modified: 11-Aug-2011

Did this solution solve your problem? [Click on the stars to rate] Solution

If you want to determine the SIC Certificate Expiration date you can view your certificates by running the following command via the management server: 

[Expert@mgmt]# cpca_client lscert
    • NOTE: This command only works on R65 HFA50 and above.
===========================================

EXAMPLE OUTPUT:

Operation succeeded. rc=0. 4 certs found.

Subject = CN=mgmt,O=mgmt..bbqdkc Status = Valid Kind = SIC Serial = 37748 DP = 0 Not_Before: Sun Apr 3 09:50:11 2011 Not_After: Sat Apr 2 09:50:11 2016

Subject = CN=cp_mgmt,O=mgmt..bbqdkc Status = Valid Kind = SIC Serial = 42070 DP = 0 Not_Before: Sun Apr 3 09:50:06 2011 Not_After: Sat Apr 2 09:50:06 2016

Subject = CN=gw,O=mgmt..bbqdkc Status = Valid Kind = SIC Serial = 10659 DP = 0 Not_Before: Wed Apr 20 23:42:35 2011 Not_After: Tue Apr 19 23:42:35 2016

Subject = CN=gw,O=mgmt..bbqdkc Status = Revoked Kind = SIC Serial = 8013 DP = 0 Not_Before: Sun Apr 3 10:28:55 2011 Not_After: Sat Apr 2 10:28:55 2016

===========================================

The output can be further filtered using the following optional switches together with the lscert option. 

[-stat Pending|Valid|Revoked|Expired|Renewed]

and 

[-kind SIC|IKE|User|LDAP]

A SIC Cert is valid for 5 years from creation(true in older check point versions?)

Retrieved from "http://www.cpwiki.net/index.php?title=How_to_determine_SIC_Certificate_expiration_date&oldid=48"