Log Exporter TLS Configuration

Log Exporter can export logs over an encrypted connection using the TLS protocol.

Only mutual authentication is allowed.

For mutual authentication, Log Exporter requires these certificates:

Notes:

  • The Management Server / Log Server with Log Exporter must be able to connect to the Certificate Authority.

  • In addition to these two certificates, a third certificate should be installed on the target server (based on the server requirement).

  • It is possible to use self-signed certificates.

If you do not already have the required certificates, the procedure below is an example of how to create the required certificates.

The procedure below uses the openssl commands on a Linux server (non-Check Point).

After you created the required certificates, you must update the security parameters on the Check Point Management Server / Log Server.