How To: Update Expired Certificates

Goal: Replace the currently used certificates in CloudGuard WAF as a Service with updated certificates.

Overview

The UI will alert you about certificates nearing expiration and recommend replacing them beforehand:

Choose the certificate method you are using:

If you use Check Point's Managed Certificate with CloudGuard WAF as a Service, your certificates will renew automatically. However, they won't renew if the DNS ownership CNAME value has been removed from the DNS records.

What To Do?

You need to add the DNA ownership CNAME record provided.

  1. Log in to the Infinity Portal.

  2. Open the WAF application from the application menu.

  3. Navigate to the Profile page and choose the relevant SaaS Profile.

  4. Choose the domain you would like to replace the certificate to.

  5. Navigate to the Certificates & Domain Management section at the top of the menu.

  6. Add the CNAME record's name and value in the DNS records management in the DNS provider portal.

  7. Click Enforce.

PreviousHow To: Extend Connection Timeout to UpstreamNextAgent CLI

Last updated

Was this helpful?