Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

CA WebConsole not secure / https

Dear collegues!

When we access the Webconsole through the internal network https://xxx.xxx.xxx.xxx:port, the browser recognizes the certificate for https access as not secure. We are using the default Sophos certificate. How should I fix this problem? Note: we only provide internal access to the WebConsole for administration.



This thread was automatically locked due to age.
  • Hi Bruno H Silva,

    Please try the link Sophos Firewall: Insecure connection to the webadmin 

    Thanks and Regards

    "Sophos Partner: Networkkings Pvt Ltd".

    If a post solves your question please use the 'Verify Answer' button.

  • Cause

    By default, the webadmin configuration uses the hostname-based certificate while the web admin and captive portal authentication pages are being accessed.

    The locally-signed certificate can be generated in the firewall and used to remove the certificate errors for accessing the web admin and captive portal. After generating the locally-signed certificate in the firewall, the certificate can be downloaded to a computer and imported as a trusted root certificate.
     

    Resolution

    1. Generate a locally-signed certificate.
    2. Browse and apply your newly created certificate.
    3. Open Microsoft Management Console (MMC) and see if the certificate is installed in Trusted Root Certification Authorities > Certificates.

      The webadmin and captive portal pages still show the "not secure" error.
       
    4. Download your default certificate. Its name is local_certificate_authority.tar.gz
    5. Extract the file and import Default.der to MMC.
    6. Close and open the browser once the certificate has been trusted as a root certificate.

      The "not secure" error should no longer show when you click the lock icon in the address bar of your webadmin or captive portal pages.