cp_conf sic

Description

Manages SIC on the Security Gateway.

For additional information, see sk65764: How to reset SIC.

Note - This command corresponds to the option Secure Internal Communication in the cpconfig menu.

Syntax

cp_conf

      -h

      sic

            cert_pull <Management Server> <DAIP GW object>

            init <Activation Key> [norestart]

            state

Parameters

Parameter

Description

-h

Shows the built-in usage.

cert_pull <Management Server> <DAIP GW object>

For DAIP Security Gateways, pulls a SIC certificate from the specified Management Server for the specified DAIP Security Gateway:

  • <Management Server> - IPv4 address or HostName of the Security Management Server or Domain Management Server

  • <DAIP GW object> - Name of the DAIP Security Gateway object as configured in SmartConsole

init <Activation Key> [norestart]

Resets the one-time SIC activation key.

The optional parameter "norestart" specifies not to restart Check Point services.

state

Shows the current state of the SIC Trust.

Example

[Expert@MyGW:0]# cp_conf sic state
 
Trust State: Trust established
 
[Expert@MyGW:0]#