Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 41 replies
  • Subscribers 3 subscribers
  • Views 93469 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Errors trying to regenerate certificates (Heartbleed mitigation)

utmfan
Hi all,

My home UTM is throwing an error when I try regenerate certificates and signing CA under the Remote Access->Certificate Management->Advanced

The Confd reported an error without providing any details. 


Any ideas? FWIW, I was able to reset my WebAdmin cert without any trouble.


This thread was automatically locked due to age.
Parents
  • 0
    Is there any information in the confd log file?  Do you have a new CA and "(Regenerated)" certs?

    Cheers - Bob

    Sorry for any short responses.  Posted from my iPhone.
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Reply
  • 0
    Is there any information in the confd log file?  Do you have a new CA and "(Regenerated)" certs?

    Cheers - Bob

    Sorry for any short responses.  Posted from my iPhone.
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Children
  • 0 in reply to BAlfson
    Is there any information in the confd log file?  Do you have a new CA and "(Regenerated)" certs?

    Cheers - Bob

    Sorry for any short responses.  Posted from my iPhone.


    confd log: 

    2014:04:14-07:37:40 utmfan confd[7122]: E Use of uninitialized value $enddate in pattern match (m//) at /Object/ca/signing_ca.pm line 359.

    2014:04:14-07:37:40 utmfan confd[7122]:

    2014:04:14-07:37:40 utmfan confd[7122]: 1. sys::_warn:54() /sys.pm

    2014:04:14-07:37:40 utmfan confd[7122]: 2. Object::ca::signing_ca::ca_generate_signing_ca:359() /Object/ca/signing_ca.pm

    2014:04:14-07:37:40 utmfan confd[7122]: 3. Object::ca::signing_ca::ca_regenerate_signing_ca:473() /Object/ca/signing_ca.pm

    2014:04:14-07:37:40 utmfan confd[7122]: 4. (eval):1() (eval 1351)

    2014:04:14-07:37:40 utmfan confd[7122]: 5. sys::AUTOLOAD:356() /sys.pm

    2014:04:14-07:37:40 utmfan confd[7122]: 6. (eval):1() (eval 1349)

    2014:04:14-07:37:40 utmfan confd[7122]: 7. Astaro::RPC::server_loop:198() /rpc.pm

    2014:04:14-07:37:40 utmfan confd[7122]: 8. rpc::launch:50() /rpc.pm

    2014:04:14-07:37:40 utmfan confd[7122]: 9. main::_rpc:2189() confd.pl

    2014:04:14-07:37:40 utmfan confd[7122]: 10. main::top-level:394() confd.pl 


    None of my certs have regenerated - they're all still the old dates.  I could delete and re-create them, but I would still be using the old (potentially compromised) signing CA, would I not?
Unfiltered HTML