Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 2 replies
  • Answers 1 answer
  • Subscribers 39 subscribers
  • Views 3938 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Error. NET::ERR_CERT_AUTHORITY_INVALID

Adam Adamek

I have sophos firewall connected in bridge mode. I have a synology server on my home network with adguard home on it. I'm learning everything slowly but I have a problem with the error NET::ERR_CERT_AUTHORITY_INVALID it is the main one when I enter the first google results that are promoted.



This thread was automatically locked due to age.
Parents
  • +1

    Hello!

    In order to Sophos Firewall show a block page over encrypted (TLS) connection, It needs to (MITM) which is decrypt and re-encrypt with It own self-signed certificate authority.

    The reason on why your browser showed a warning page was because of this, apparently there is a Web Policy which is currently blocking the link that you opened - that is a Google advertisement.

    To solve this, either you import the certificate authority from the Sophos Firewall, or create a Web exemption for that domain - so It doesn't get blocked.

    Adam Adamek said:
    I have sophos firewall connected in bridge mode.

    Since you're a Home user I highly recommend you to NOT use Sophos Firewall with bridge mode, It will be much better and easier to use as your main Gateway.

    Thanks!

    If a post solves your question use the 'Verify Answer' button.

    Ryzen 5600U + I226-V (KVM) v21 GA @ Home

    Sophos ZTNA (KVM) @ Home

  • 0 in reply to Prism

    Hi thank you for the quick reply. At home I have mac os x, I installed the safari certificate, everything works, but chrome and firefox have problems. I just noticed that in safari it uses the website certificate and in chrome and firefox it uses the sophos certificate. You are right, it is specified in the policies at the web section. Web policy filtering when I switch to allow everything works. I understand how it works, it's correct, it's supposed to block what I want, but I'm just wondering why it doesn't show a message from sophos despite importing it to mac os x, only a certificate error. indicates that the certificate is not trusted

    Edition. I solved it, it may be useful for other people, you have to additionally indicate in the system that the certificate is trusted.

Reply
  • 0 in reply to Prism

    Hi thank you for the quick reply. At home I have mac os x, I installed the safari certificate, everything works, but chrome and firefox have problems. I just noticed that in safari it uses the website certificate and in chrome and firefox it uses the sophos certificate. You are right, it is specified in the policies at the web section. Web policy filtering when I switch to allow everything works. I understand how it works, it's correct, it's supposed to block what I want, but I'm just wondering why it doesn't show a message from sophos despite importing it to mac os x, only a certificate error. indicates that the certificate is not trusted

    Edition. I solved it, it may be useful for other people, you have to additionally indicate in the system that the certificate is trusted.

Children
No Data
Unfiltered HTML