Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 2 replies
  • Subscribers 2 subscribers
  • Views 7778 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

After namechange of Company need new CA

PatrickD

Hi,

after a namechange of our Company need new CA for "Webadmin Certificate"

What i did:

Management -> System Setings -> Organizational Information (changed to new Name)

Remote Access -> Cerificate Management -> Regenerate Signing CA (but that´s only vor VPN)

Webserver Protection -> Certificate Management -> Regenerate Signing CA (shows same text as VPN )

Management -> Webadmin Settings -> HTTPS Certificate -> Re-generate WebAdmin Certificate

 

New CA Only gives me the Option to upload a new CA.

Is there no option to create a new CA out-of-the-box like when i installed the System?



This thread was automatically locked due to age.
Parents
  • 0

    Is there anyone from SOPHOS who can say that this is a supported way which i also found in the community:

     

    For WebAdmin:

    To regenerate the CA proceed as follows:
    1.Login to the shell of the UTM first as loginuser and then get root: su -
    2.Now type in the following command to open the ConfdClient: cc
    3.Within the ConfdClient type use the command: RAW
    4.Now regenerate the CA with:

     ca_generate_signing_ca({name=>'webadmin ca', key_size=>2048, country=>'CountryAcronym', state=>'StateName', city=>'CityName', organization=>'OrganizationName', common_name=>'UTMhostname', email=>'mailaddress@maildomain.com'})

     Note: Adapt the country, state, city, organization, common_name and email strings to your own UTM settings (country field must be in caps - eg. CA, DE)

    The result should be result: 'REF_CaSigWebadminCa2'


    5.Next step is to switch to Main Mode: MAIN
    6.Navigate to: webadmin
    7.Now type in: ca$
    8.The last step is to assign the new CA to the WebAdmin with: =REF_CaSigWebadminCa2
    Note: The result should be 1.

    Next step is to re-generate the certificate for WebAdmin with the new CA, proceed as follows:
    1.Navigate to 'Management | WebAdmin Settings | HTTPS Certificate'.
    2.In the area Re-generate WebAdmin certificate click 'Apply'.

    The WebAdmin certificate will be regenerated. Your UTM will reload automatically and you will have to re-login.

     

    https://community.sophos.com/products/unified-threat-management/f/management-networking-logging-and-reporting/34385/cannot-regenerate-webadmin-ca

Reply
  • 0

    Is there anyone from SOPHOS who can say that this is a supported way which i also found in the community:

     

    For WebAdmin:

    To regenerate the CA proceed as follows:
    1.Login to the shell of the UTM first as loginuser and then get root: su -
    2.Now type in the following command to open the ConfdClient: cc
    3.Within the ConfdClient type use the command: RAW
    4.Now regenerate the CA with:

     ca_generate_signing_ca({name=>'webadmin ca', key_size=>2048, country=>'CountryAcronym', state=>'StateName', city=>'CityName', organization=>'OrganizationName', common_name=>'UTMhostname', email=>'mailaddress@maildomain.com'})

     Note: Adapt the country, state, city, organization, common_name and email strings to your own UTM settings (country field must be in caps - eg. CA, DE)

    The result should be result: 'REF_CaSigWebadminCa2'


    5.Next step is to switch to Main Mode: MAIN
    6.Navigate to: webadmin
    7.Now type in: ca$
    8.The last step is to assign the new CA to the WebAdmin with: =REF_CaSigWebadminCa2
    Note: The result should be 1.

    Next step is to re-generate the certificate for WebAdmin with the new CA, proceed as follows:
    1.Navigate to 'Management | WebAdmin Settings | HTTPS Certificate'.
    2.In the area Re-generate WebAdmin certificate click 'Apply'.

    The WebAdmin certificate will be regenerated. Your UTM will reload automatically and you will have to re-login.

     

    https://community.sophos.com/products/unified-threat-management/f/management-networking-logging-and-reporting/34385/cannot-regenerate-webadmin-ca

Children
  • 0 in reply to PatrickD

    Patrick, check out The Zeroeth Rule in Rulz and the trick mentioned in it.  In my opinion, that's the right way to change the name of your UTM.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Unfiltered HTML