[Dshield] Failed to get URL data (code=0x8) on Checkpoint SPLAT

Manny Fernandez fernandez.mg at gmail.com
Sat Feb 11 03:57:46 GMT 2006


Good day,

first time posting.

I am trying to enable the STORMD service on Checkpoint to pull the
blocklist.txt from the dshield https site.  The service is running but it is
failing to download the list.  I ran a Sniifer trace and I am getting a '
Bad Certificate ' error.  I opned a call with Checkpoint and they have been
unhelpful.  I have done some searching and found the newgroup article listed
below.

Does anyone know if this is correct and if so how can I get the updated CA
cert?

Thanks

MF


*********** Snip ******************************

DShield.org has recently changed their web site SSL certificate with a
different CA vendor, which has invalidated the root CA certificate that is
originally included. The solution at present is to replace the root CA
certificate on the firewall module and update the reference in the objects
database:

1. Make a backup fo the %FWDIR%\conf\equifax.cer from the firewall module.
Remove the file %FWDIR%\conf\equifax.cer from the firewall module.

2. Copy the attached 'GTE_Root_CA.cer' to %FWDIR%\conf on the firewall
module.

3. Stop the SmartCenter Server with 'cpstop'.

4. Backup and modify the %FWDIR%\conf\asm.C file and modify the following
line:

storm_center_list:DShield:certificate_filename - change 'equifax.cer' to
'GTE_Root_CA.cer'.

5. Run 'cpstart' on the SmartCenter server.

6. Install the Security Policy to the gateway.

7. Run 'fwstop -proc' on the firewall module and then 'fwstart'.


More information about the list mailing list