• Adding Certificates

    dimebagdaryll
    dimebagdaryll
    Good day. I would like to ask for your assistance about adding an updated certificate to publish my webserver. When I try to add a certificate, It will not show up on my Business application rule>>>> Https Certificate Entries. I uploaded the .dem file…
    • Answered
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • Webadmin Certificate Error NET::ERR_CERT_COMMON_NAME_INVALID

    Elizabeth Owen
    Elizabeth Owen
    On my windows machine I have installed the "Default" CA as well as the Appliance certificate (which I am also using for SSL/TLS inspection and SSLVPN). When I try to go to the IP address of the firewall I get this error: NET::ERR_CERT_COMMON_NAME_INVALID…
    • Answered
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • LDAP certificates - Google Workspace

    Jamie Robinson
    Jamie Robinson
    Hi all This was asked previously in https://community.sophos.com/sophos-xg-firewall/f/discussions/119909/sophos-xg-user-authentication-with-g-suite-ldap , but it looked like the thread went dead without ever getting a conclusive answer. I've utilised…
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • GoDaddy Expected issuer

    marc79
    marc79
    Hi I got a signed certificate by godaddy by CSR, generated with my new XG 135 Appliance. I did not enable Encription so I dont habe a PSK. The certificate ID is the DNS (host.domain.ch). I downloaded the zip-File from godaddy. If I import the .pem…
    • Answered
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • Generate self-signed certificate SANs section missing

    RSK
    RSK
    Hi, i'm trying to generate a certificate with multible SANs and I saw this should be possible as shown in the Help. But for me i only can see the Certificate details and the Identification attributes, but the SANs Part is not shown. Greetings…
    • Answered
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • Odd behaviour. CSR created on XG, uploaded to Digicert. New Cert would not apply. Had to use openssl

    Andy Howard1
    Andy Howard1
    Hi, can anyone please shed some light on what has just happened. We have an XG. A CSR was created on the XG and used to create a certificate with "Digicert". This was created and downloaded from Digicert and we proceeded to follow the installation procedure…
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • WAF & SSL Certificates

    kakawome
    kakawome
    Hello, We have a web server at the back of the Sophos firewall. We recently added a SSL certificate from Godadddy for the domain pointed to the server. The certificate seems to be installed properly in the firewal, however when we are trying to access…
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • Comodo SSL Certificates from Domain.com

    Stu McCluskey
    Stu McCluskey
    Hi, I've recently purchased SSL an SSL cert from Domain.com and when I received their files there was an intermediate certificate as well as a root certificate. Which am I supposed to load onto the XG for the admin/captive portal? The certificates…
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • automatically renew Let's encrypt SSL-certificates on XG using PowerShell

    Sven Ott
    Sven Ott
    I spent a few hours on this, so maybe my result helps someone in a similar situation. In my home-lab I'm running a KEMP ADC that publishes all my SSL-Services. Since KEMP does not support Let's encrypt out of the box but offers a PowerShell module for…
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • XG web proxy modifies certificate start and end date

    LHerzog
    LHerzog
    Hello, is it expected bahaviour that the XG is adding several months to the certificate of a website when doing HTTPS decrpytion and inspection? We noticed this today and were confused. If this is "works as designed" - What is the purpose of doing…
    • Answered
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • Certificate Authentication for a Specific Website

    tomas_baptiste
    tomas_baptiste
    Hi, We are using an XG firewall to allow remote workers to sign in via the VPN to the office network. From the office network they can access the company intranet which is locked down to the office IP address. If possible what we'd like to do is issue…
    • Answered
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • Captive Portal not using the right certificate after upgrade to SFOS 18

    Milan Škoro
    Milan Škoro
    Hi there, We noticed that after upgrading to SFOS 18, Sophos XG is not using the correct SSL Certificate for the captive portal. As you can see we have it set in the Admin settings on the device: And it's being used on all services, but the Captive…
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • Need API support for SSL certificate download from XG Firewall potal -> System -> Certificates

    Mageshwaran Periyasamy
    Mageshwaran Periyasamy
    We are in need of REST API support for the below operations in the sophos XG firewall portal. 1. Download/upload certificates and private key in the sophos XG firewall portal (admin portal) -> System -> Certificates inventory. 2. Generate CSR. …
    • over 4 years ago
    • Sophos Firewall
    • Discussions
  • Captive Portal / Blocked Page (Port 8090) Presents Wrong Certificate

    Rhys Goodwin
    Rhys Goodwin
    Kia ora! I'm running (SFOS 18.0.3 MR-3). I was under the impression that the certificate selected in admin settings should be used for all XG services but I'm being presented with a different one on port 8090: I've tried setting the certificate…
    • over 4 years ago
    • Sophos Firewall
    • Discussions
  • Why do I get Certificate Errors on Blocked Categories on XG v18?

    MrMojoRisin76
    MrMojoRisin76
    Greetings, I'm using a self-signed cert for user portal login and admin logins generated by using the devices IP address. When I log into those sites, the certificate passes through fine. When end-users hit a site which is in a blocked category, the…
    • over 4 years ago
    • Sophos Firewall
    • Discussions
  • Imported certificates not listing in Business Application Rule (BAR)

    Brian Ladley
    Brian Ladley
    I recently performed a factor reset on my XG 85 to resolve an issue with the WAF service causing the BAR firewall rules to hang. Now when I create a new BAR (Exchange General specifically), the certificates that I imported do not appear in the HTTPS Certificate…
    • over 6 years ago
    • Sophos Firewall
    • Discussions
  • Struggling with renewing a GoDaddy certificate

    svk253
    svk253
    I've gone through this a few times: https://community.sophos.com/products/xg-firewall/f/vpn/75396/godaddy-ssl-certificate-for-user-portal but I am not getting anywhere. Our VPN portal certificate expired and was auto renewed through GoDaddy. GoDaddy only…
    • over 6 years ago
    • Sophos Firewall
    • Discussions
  • Web Policy Alert no working at all (certificate error)

    Miguel Cruz
    Miguel Cruz
    Hi friends, Im trying to set an alert to show to the user "go to this site is not the best but, you can go, clic on continue" or something like, but instead of that it only shows a NET::ERR_CERT_AUTHORITY_INVALID on chrome. Does anybody know if i can…
    • Answered
    • over 6 years ago
    • Sophos Firewall
    • Discussions
  • Certificates Flagged as Invalid

    MikeRM275
    MikeRM275
    Good afternoon, Recently I had to redo the certificates for Exchange 2013. I got the certificate from the Exchange Server and then uploaded it to the UTM. I also had user certificates that were expired, so I went to regenerate them and they still showed…
    • over 6 years ago
    • UTM Firewall
    • Web Server Security
  • SSL certificate for Sophos User Portal

    Roger Wolf
    Roger Wolf
    I have successfully installed a p12 certificate on the Sophos firewall. I followed this guide: https://www.leibling.de/sophos-xg-eigenes-oeffentliches-zertifikat-verwenden/ Looks like i can't activate the new certificate under Administration->Admin…
    • Answered
    • over 6 years ago
    • Sophos Firewall
    • Discussions
  • how to connect to my appliance securley

    Ishai Cohen
    Ishai Cohen
    hey guys, when i connect to my sophos appliance, i have this red bat (using https): i'v tried and failed to make this a "green" bar. i tried to load the certificate to the root ca container. maybe im missing something, but can you guys…
    • Answered
    • over 6 years ago
    • Sophos Firewall
    • Discussions
  • Upload Certificate using API

    Andrew Quinn
    Andrew Quinn
    Hi folks, I've started having a play around with XG. I have a PowerShell script for generating a new Let's Encrypt certificate and updating my various components that use it, and wanted to integrate this with XG Home. It looks like the obvious way…
    • Answered
    • over 6 years ago
    • Sophos Firewall
    • Discussions
  • Security Heartbeat stopped working in 17.0.6 MR-6

    RamyAjamieh
    RamyAjamieh
    Hi, I'm Facing a problem with Heartbeat its stopped suddenly and the counter showing 0 and there is no logs at all when I checked the logs I found there is a certificate issue so please anyone face the same problem and how do I fix it, I have opened…
    • over 6 years ago
    • Sophos Firewall
    • Discussions
  • IPSec Tunnel with Certificates

    Lukas Mahl
    Lukas Mahl
    Hey there! I do have a little problem with the IPsec configuration of Sophos XG. I have been trying to do the same thing with Sophos UTM, but never got it working. I basically need a Remote Access IPsec VPN with authentication via certificates (no pre…
    • over 6 years ago
    • Sophos Firewall
    • Discussions
  • Certificate Error: The security certificate was issued by a Company you chose not to trust

    Charles Zvarimwa
    Charles Zvarimwa
    I recently installed Sophos XG 125/ w125 on our network. After installation I have been receiving the “Certificated is not valid” error when trying to open the outlook application. I am using Exchange 2010 and previously when I was using TMG I did not…
    • over 6 years ago
    • Sophos Firewall
    • Discussions
<>