SSL VPN client software, Tunnelblick fails to connect to the Sophos XG Firewall.
This issue is caused by a new version of Tunnelblick that changes the library used for reading the certificate presented by the client. An error such as the one presented below is likely to occur.
This error is misleading and is no way due to a certificate format error. In order to fix it so that the VPN client can connect again, change from using Latest (2.4.4 - LibreSSL v2.6.2) to Default (2.3.18 - OpenSSL v1.0.2m). This will allow your client to connect.
The following sections are covered:
Applies to the following Sophos products and versions Sophos Firewall
If you've spotted an error or would like to provide feedback on this article, please use the section below to rate and comment on the article. This is invaluable to us to ensure that we continually strive to give our customers the best information possible.
Every comment submitted here is read (by a human) but we do not reply to specific technical questions. For technical support post a question to the community. Or click here for new feature/product improvements. Alternatively for paid/licensed products open a support ticket.