Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 4 replies
  • Answers 1 answer
  • Subscribers 41 subscribers
  • Views 14116 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Bug: Portals and Certificates

Wintemrute

Hi All

Did someone manage to replace the certificate for the Admin-/User-/Captive-Portal?

What I tried so far:

  • Create cert via Letsencrypt.org and upload it to Objects - Identity - Certificate
  • Create a CSR via certificate menu and let it sign from Letencrypt.org
  • Create a selfsigned cert and uploaded it

I always got the same outcome:

Authority gets a red "x" (Manual doesn't help much there in explaining what it means) and under System - Administration - Settings - Admin Port Settings I can only choose the default ApplianceCertificate cert.

Has someone an idea what I'm doing wrong?

Thanks Roman



This thread was automatically locked due to age.
Parents
  • 0

    So, I think I got it and I did nothing wrong......

    How can I raise a bug?

    When I try to load the Let's Encrypt CA Cert to Objects - Identity - Certificate Authority it always fails.

    Digging deeper into the logs I found following:

    790 2015-12-04 19:54:38.537 GMTSTATEMENT:  select substr(mergetext(caname || ','),0,length(mergetext(caname || ','))) from tblrootcainfo where companyid in (select caid from tblrootcadetail where rtrim(subject,chr(10))='/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X1') and caname || '.pem' != 'AAAA_LetsEncryptAuthX1.pem';

    21530 2015-12-04 19:54:38.577 GMTERROR:  syntax error at or near "s" at character 53

    21530 2015-12-04 19:54:38.577 GMTSTATEMENT:  insert into tblrootcadetail values(240,'/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X1')

    21530 2015-12-04 19:54:38.581 GMTERROR:  current transaction is aborted, commands ignored until end of transaction block

    For me it looks like a classical quoting error of the hyphen....

    Regards Roman

  • 0 in reply to Wintemrute

    Hi,

    I can confirm this bug. How do we get attention from Sophos to get this fixed?

    Regards
    Ingo

  • 0 in reply to IngoTheiss

    Thank you for your feedback. will look into it. and it may get fixed in upcoming releases of XG.

    Regards,

    Vivek

Reply Children
No Data
Unfiltered HTML