Configuring VPN Remote Access for the first time on your Sophos XG Firewall? Check out this useful Community post!
Advisory: Sophos XG Firewall - Antivirus service stopped due to failed pattern update. Please visit this KBA for the latest updates
We'd love to hear about it! Click here to go to the product suggestion community
I am trying to use my own root CA in XG for HTTPS decrypt and Captive Portal, I have successfully installed the root CA under Certificate Authorities and I can select it for HTTPS Decrypt.
Now I have generated a Signed Certificate from this root CA and uploaded it to the Certificates tab, but it is marked with a red cross saying Expected Issuer but the CA is there with the same name.
My appliance is currently running on 17.5.9.
Tested with the same certificate files on another XG 310, same issue, tested on a XG 135 running SFOS 17.5.3 and it worked, maybe it is a bug in 17.5.9?
Hi Rodrigo Silveira When you perform the test with different firmware, you have performed the same steps and files for certificate and it works in Mr-3 but not working in MR-9, please correct me if I am missing something.
Perform these steps:
I am not sure but the error should be in "validationError.log" if I am not mistaken.
Share the result.
In reply to Keyur:
Yes, that's right, I've tested with the same certificate files on a different appliance and an older firmware and it worked.
On XG 310 17.5.9
On XG 210 17.5.3
Same files, same CA.
Well... that's weird, I've deleted the certificate and CA from the firewall, uploaded both again and now it worked.
Did nothing different from previous attempts.
Anyway, thank you for the support.