Sophos XG : NET::ERR_CERT_COMMON_NAME_INVALID

Question

HI all, 
 Hoping you can help. 
 Recently an external website we access has been updated and hosted elsewhere. Following the move we now get the following error but only when connecting via the VPN (Remote access). We can browse to the site without issue without using the VPN connection. Its a HTTPS site. Error is : NET::ERR_CERT_COMMON_NAME_INVALID Now in my limited knowledge and with some basic searching this seems to point to some sort of issue with the Cert for the site but would that then not be an issue in general not just for when we connect the VPN? I have attempted to add the website as an exception just for testing but the issue remains. Any suggestions on how to resolve this or things to check in the firewall would be gratefully received. Thanks.

PhilippRusch · Answer

Hello Neil, 
 I guess you are using some a webproxy or HTTPS inspection when coming/going through the VPN. Then this involves the certificate form the proxyserver itself. You should deploy the CA of this cert to your vpn clients. 
 Best thing would be a screenshot of the errormessage with the cert detail infos.

Mayur Makvana · Answer

Hello, 
 Thank you for contacting Sophos Community! 
 You may follow below KBA and review: 
 community.sophos.com/.../sophos-firewall-resolving-not-secure-error-while-browsing-secure-sites

Sophos XG : NET::ERR_CERT_COMMON_NAME_INVALID

Top Replies