Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

I am having an issue with Linux64 authentication client.

I created the .conf file and that seemed to work.  When running the binary I am getting an error saying "Setting location at ~/.caa/ca-cert.pem for certificates failed!  I thought it may be a permissions problem so I created a file and made is rw but that didn't help.  This article https://www.sophos.com/en-us/support/knowledgebase/123013.aspx doesn't match the version that is in the XG Firewall so I couldn't follow it.  Any advice would be great. 

Michael



Edited Tags
[edited by: Erick Jan at 10:58 PM (GMT -7) on 15 Sep 2022]
Parents
  • Hi Mike, was a bit intrigued by a Linux64 client so I downloaded it and worked right away. One thing though, the tar.gz file had a ca-cert.pem file issued by 'Sophos Client Authentication CA' bundled in it. The only place I could find this certificate directly was the 'Download CA for MSI' link on the Authentication Clients page. It would be nice if we could manage the certificate directly, I'm guessing its a quick-n-dirty way of encrypting the authentication data to the UTM. Octal permission on the file was 0755. Hope it helps.
  • The only item that was in my tar.gz was the bin file. There wasn't anything else in it. Can you verify the version on the bin (-V) on my version.
  • Here is the version of my caa binary

    ./bin/caa -V
    caa version 0.1.0

    and output of my tar.gz file

    drwxr-xr-x root/0 0 2015-11-20 03:27 ./
    drwxr-xr-x root/0 0 2015-11-20 03:27 ./bin/
    -rwxr-xr-x root/0 2404040 2015-11-20 03:27 ./bin/caa
    drwxr-xr-x root/0 0 2015-11-20 03:27 ./.caa/
    -rwxr-xr-x root/0 1679 2015-11-20 03:27 ./.caa/ca-cert.pem
    -rw-r--r-- root/0 931 2015-11-20 03:27 ./.caa/README
    -rw-r--r-- root/0 63 2015-11-20 03:27 ./.caa/caa.conf

Reply
  • Here is the version of my caa binary

    ./bin/caa -V
    caa version 0.1.0

    and output of my tar.gz file

    drwxr-xr-x root/0 0 2015-11-20 03:27 ./
    drwxr-xr-x root/0 0 2015-11-20 03:27 ./bin/
    -rwxr-xr-x root/0 2404040 2015-11-20 03:27 ./bin/caa
    drwxr-xr-x root/0 0 2015-11-20 03:27 ./.caa/
    -rwxr-xr-x root/0 1679 2015-11-20 03:27 ./.caa/ca-cert.pem
    -rw-r--r-- root/0 931 2015-11-20 03:27 ./.caa/README
    -rw-r--r-- root/0 63 2015-11-20 03:27 ./.caa/caa.conf

Children