Have you tried to do the following command sequence:
fwstop
fw internalca create -dn "o=companyname, c=us" -force
fw internalca certify -o fwhostname "o=companyname, c=us" -force
fwstart
As far as i remember this can sometimes be rather tedious. But the "-force"
option should overwrite the certificates made earlier completely.
Best regards
Flemming Juul Pedersen
Senior Consultant
Date: Mon, 27 Aug 2001 08:12:53 -0500
From: Scott Schindler <[EMAIL PROTECTED]>
Subject: [FW1] fw internalca create and certify on distributed firewall
I have many firewall and management server combos that hybrid mode ike works
great on, but the one distributed firewall/management server set I am having
problems with. I need to enable the CA for IKE hybrid mode and I stop both
the firewall and management server and run the fw internal CA command on
the
management server as follows:
fw internalca create -dn "c=us, o=companyname"
Creates the CA fine. So then I run the following command on the management
server:
fw internalca certify -o fwhostname "c=us, o=companyname"
It says that it succeeds, but then I start the firewall and management
server and the CA does not show up in the firewall object's CA tab.
I should note that this is 4.1 sp2 and that I am managing 5 firewalls with
this management server with 5 different policies.
Any help is appreciated.
________________________________________
F� din egen webmail p� http://mail.sol.dk - gratis og med dig overalt!
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
