Hotspot Lets Encrypt Certificate Chain incomplete

Our UTM no longer delivers an intermediate certificate for the Lets Encrypt certificate of the Hotspot portal. As a result, there is an error on the clients.
Can anyone confirm this? I think the error was not present before version 9.701.
LE certificates in the Webserver Protection work without problems.

Best regards


  • Maybe the other way around. Does here someone on 9.701 use LE for Hotspot? Is the Captive Portal page displayed without certificate warning?

  • In reply to Alexander Busch:

    Solved today by reinstall the intermediate Certificate X3 of let's encrypt in UTM. Somehow there was something broken it seems. So no problem related 9.701.

  • In reply to Alexander Busch:


    i can reproduce the issue with missing LE Certificate Chain on the hotspot. Exporting the CA-Cert, deleting it and the load it up again works as a workaround. But when renewing the certificate, the problem came up again... So it is just a workaround until this will be fixed from Sophos. Otherwise this problem will pop up every three month ...