Print Download PDF Send Feedback

Previous

Next

cpca_client lscert

Description

Shows all certificates issued by the ICA.

Important - On Multi-Domain Server, you must run this command in the context of the relevant Domain Management Server.

Syntax

cpca_client [-d] lscert [-dn <SubString>] [-stat {Pending | Valid | Revoked | Expired | Renewed}] [-kind {SIC | IKE | User | LDAP}] [-ser <Certificate Serial Number>] [-dp <Certificate Distribution Point>]

Parameters

Parameter

Description

-d

Runs the command in debug mode.

Use only if you troubleshoot the command itself.

-dn <SubString>

Optional. Filters the search results to those with a DN that matches the specified <SubString>.

This command does not support multiple values.

-stat {Pending | Valid | Revoked | Expired | Renewed}

Optional. Filters the search results to those with certificate status that matches the specified status.

This command does not support multiple values.

-kind {SIC | IKE | User | LDAP}

Optional. Filters the search results to those with certificate kind that matches the specified kind.

This command does not support multiple values.

-ser <Certificate Serial Number>

Optional. Filters the search results to those with certificate serial number that matches the specified serial number.

This command does not support multiple values.

-dp <Certificate Distribution Point>

Optional. Filters the search results to the specified Certificate Distribution Point (CDP).

This command does not support multiple values.

Example

[Expert@MGMT:0]# cpca_client lscert -stat Revoked

Operation succeeded. rc=0.

5 certs found.

 

Subject = CN=VSX2,O=MyDomain_Server.checkpoint.com.s6t98x

Status = Revoked Kind = SIC Serial = 5521 DP = 0

Not_Before: Sun Apr 8 14:10:01 2018 Not_After: Sat Apr 8 14:10:01 2023

 

Subject = CN=VSX1,O=MyDomain_Server.checkpoint.com.s6t98x

Status = Revoked Kind = SIC Serial = 9113 DP = 0

Not_Before: Sun Apr 8 14:09:02 2018 Not_After: Sat Apr 8 14:09:02 2023

 

Subject = CN=VSX1 VPN Certificate,O=MyDomain_Server.checkpoint.com.s6t98x

Status = Revoked Kind = IKE Serial = 82434 DP = 2

Not_Before: Mon May 14 19:15:05 2018 Not_After: Sun May 14 19:15:05 2023

[Expert@MGMT:0]#

 

 

[Expert@MGMT:0]# cpca_client lscert -kind IKE

Operation succeeded. rc=0.

3 certs found.

 

Subject = CN=VS1 VPN Certificate,O=MyDomain_Server.checkpoint.com.s6t98x

Status = Valid Kind = IKE Serial = 27214 DP = 1

Not_Before: Wed Apr 11 17:26:02 2018 Not_After: Tue Apr 11 17:26:02 2023

 

Subject = CN=VSX_Cluster VPN Certificate,O=MyDomain_Server.checkpoint.com.s6t98x

Status = Valid Kind = IKE Serial = 64655 DP = 1

Not_Before: Mon Apr 9 19:36:31 2018 Not_After: Sun Apr 9 19:36:31 2023

 

Subject = CN=VSX1 VPN Certificate,O=MyDomain_Server.checkpoint.com.s6t98x

Status = Revoked Kind = IKE Serial = 82434 DP = 2

Not_Before: Mon May 14 19:15:05 2018 Not_After: Sun May 14 19:15:05 2023

[Expert@MGMT:0]#

27 December 2020
Was this helpful?
Incorrect information Not what I'm looking for Too much information Confusing information
© 2020 Check Point Software Technologies Ltd. All rights reserved.