XG330 (SFOS 18.5.4 MR-4-Build418)
today i get this error on CAA
Could not validate certificate! CAA Will now close
certificate is already deployed on windows computers and expire at 2036, no problem before until today.
I have one MAC Computer, so it has also this error and i try to reinstall CAA certificate on this MAC computer ( after download it from user portal)
but the problem still exist !
"server is not thrustworty! program will now terminate"
I never had this before and i don't know what is the problem, and i have no idea to resolve it.
Any help please.
What is the current time set on Sophos XG
Go to System -->Administration -->Time
Also, check license status is proper under System -->Admininstration -->Licensing
"Sophos Partner: Infrassist Technologies Pvt Ltd".
If a post solves your question please use the 'Verify Answer' button.
Hi Bharat J
Time is good
I would suggest to upgrade the firmware to the latest version and share the feedback
The latest firmware is available refer the following link : https://community.sophos.com/sophos-xg-firewall/b/blog/posts/sophos-firewall-v19-mr1-re_2d00_release-build-365-is-now-available
Thanks and Regards
is this resolve the problem or just to test if the issue is from SFOS version?
is this issue known to sophos ?
May I know the total number of Systems affected ?
I think all clients using CAA
Others clients still using STAS, but anyone who can't authenticate with STAS, he try to use CAA
CAA is deployed on all computers, it's only the other way to authenticate if they can't connect with STAS
for several years..
CAA was working with the previous firmware version?
CAA was work with previous firmware version, but the upgrade I did it two months ago !!!
Please Go to System-->Admininstration --->Backup and Firmware -->Firmware and share the status of the firmware shown on GUI
Hello Fotit,Thank you for reaching out to the community, XG is sending the CA certificate with the future date stored under “/conf/certificate/internalcas/ClientAuthentication_CA.der”Did you recently upgrade the firmware ? If that is the case, then
1) Need to rollback to previous version where CAA agent is working fine.
2) Make sure that time is correctly set on the appliance in that firmware version.
3) Upgrade the firmware.
Thanks & Regards,_______________________________________________________________
Vivek Jagad | Technical Account Manager 3 | Cyber Security Evolved
Sophos Community | Product Documentation | Sophos Techvids | SMSIf a post solves your question please use the 'Verify Answer' button.