---
title: "Removal of Catchpoint SSL Certificate(cpnode.net)"
slug: "removal-of-catchpoint-ssl-certificatecpnodenet"
updated: 2025-03-07T17:43:39Z
published: 2025-03-07T17:43:39Z
---

> ## Documentation Index
> Fetch the complete documentation index at: https://docs.catchpoint.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Removal of Catchpoint SSL Certificate (cpnode.net)

**Problem** Security scanners may report an SSL Certificate-related vulnerability against Catchpoint node installations on Linux systems.

**Symptoms** The following certificate would show up nearing expiration on December 08, 2021 `Certificate CN=\*.cpnode.net, OU=Domain_Control_Validated`

**Solution** Upgrade to the latest Catchpoint node version (1.12.6+) which will remove the nginx certificate and the service listening on port 443.

**Temporary work-around without upgrading**

- `/sbin/iptables -A INPUT -p tcp --destination-port 443 -j DROP -i <interface>`
- `/sbin/service iptables save`
- To remove the certificate:
  - `certmgr -del -c -v -m Trust 45600b2e9f6e75b0f9f36d4c8a4dad604600f57d`
  - `sudo rm /etc/pki/ca-trust/source/anchors/catchpoint.crt`
  - `sudo update-ca-trust`

**More Information** This certificate was part of a legacy feature that was used in the portal but is now deprecated.