• Lets Encrypt auf der SOPHOS XG OS

    mucsav1977
    mucsav1977
    Hallo, Ich bekomme das irgendwie nicht hin wie bei der UTM OS mit dem Zertifikat. Also da gibt es auch kein Lets Encrypt wie bei der UTM OS. Kann mir jemand helfen?? Ich möchte gerne ein Offizielles Zertifikat auf meiner Sophos haben. Sie hat…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • SEC_ERROR_EXPIRED_CERTIFICATE for web proxied sites

    Tim M
    Tim M
    Hello, I am a home user of the Sophos XG firewall - SFVH (SFOS 19.0.0 GA-Build317) - and use it to proxy specific sites... one of those things I proxy is google and youtube. Recently, it seems that the certificates that my appliance creates have expired…
    • Answered
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Sophos XGS Certificate

    crock waxi
    crock waxi
    Hi, im have added default Sophos CA to Trusted Root Certification Authorities on my pc, also in firefox and still getting Unsecure connection error in Firefox (tested with 3 web browsers)... Do i need to generate locally-signed certificate with public…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • When the vendors HowTo's are not rebuilding the reality or "Install a subordinate certificate authority (CA) for HTTPS inspection" is wrong

    K-M
    K-M
    Just for someone else with the same problem, I had a ticket with Sophos (for months just to get this answer...) because I didn't get this one working: https://docs.sophos.com/nsg/sophos-firewall/19.0/Help/en-us/webhelp/onlinehelp/AdministratorHelp/Certificates…
    • Answered
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • XG FW - Some users have "Not Secure" notification in browser even though all sites are HTTPS

    Sophos User6227
    Sophos User6227
    XG FW - Some users have "Not Secure" notification even though all sites are HTTPS Users are authenticated and internet is working, however, no matter which site they go to it always says "Not Secure" "This site has a valid certificate, issued by…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Need help renewing the device certificate

    Alexandre Lemaire
    Alexandre Lemaire
    Good morning! Having a hard time installing the client portal cert onto an iPad, I suspect it's because the self-signed cert I am using has expired (though it still works on devices that have already downloaded it). Task is to renew a cert in Certificates…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Sophos XG Firewall - VPN Certificates Needing Annual Redeployment

    ptho
    ptho
    Hi Sophos, We currently use the SSL VPN for our remote user base, but as the included SSL certificate expires somewhat regularly we have to reinstall the local client. Whilst not the end of the world, it's an inconvenience when we have a significant…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • SecurityAppliance_SSL_CA expired or not Valid

    Phil B
    Phil B
    Hello, I am new to the Sophos community. I am starting with Sophos XG Firewall. I have a Sophos XG86 that was working fine with a SSL VPN site-to-site connection in version 18.0.5MR5 to a remote site. I upgraded the remote site to SFOS 19.0.0.0 GA (Sophos…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Sophos Upgrade auf (SFOS 19.0.0 GA-Build317), seitdem kommen Zertifikatsmeldungen bei Outlook!

    Andreas Wuschansky
    Andreas Wuschansky
    Hallo zusammen, gestern habe ich das Upgrade von SFOS 18.5.2 -> SFOS 19.0.0 GA-Build317 durchgeführt. Seitdem kommen bei Outlook (2019) immer die Zertifikatsmeldungen bei erstmaligem Abfragen der E-Mail Konten (IMAP+POP) Ich habe geschaut, das SSL…
    • Answered
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Certificate based site-to-site tunnel issue cannot choose Local ID type or define Local ID once I choose a local certificate

    Raul Fernandez1
    Raul Fernandez1
    Howdy, Issue with configuring cert based site-to-site VPN on Sophos XG 87 I am trying to build a certificate based IPsec tunnel on my new Sophos XG 87 FW v19. 1) I created the CSR by going to certificates > add> generate certificate signing request…
    • Answered
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Owned SSL Cert not working in captive portal SFOS 19.0.0 GA-Build31

    Andrew Laing
    Andrew Laing
    Captive portal in version SFOS 19.0.0 GA-Build31 is not using specified certificate as admin portal. Captive portal is using SOPHOS cert which is not correct in my setup. See below images. Have tried fresh re-install, upgrade removing and re-adding…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Certificate Sharing between multiple firewalls

    ITGuy22
    ITGuy22
    So we have 2 firewalls at different locations and we want to implement SSL/TLS inspection. Instead to installing 2 certificates we would like to use 1 for both firewalls. Is that something that is possible?
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Default CA - CN=Namibia - any reason for that?

    LHerzog
    LHerzog
    We purchased a bunch of XGS 136, reimaged them with MR2 and now upgraded them too MR3. Now I noticed that the default CA on all machines looks like this: This results in the default ApplianceCertificate to be issued by the Default CA looking…
    • Answered
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Digital certificate

    Manish Chawda
    Manish Chawda
    Hi, This is the 3rd call I have logged for successful creation of Digital Certificate. Sophos L1 tried based on KB and also shared me the same, but till we are not able to create digital certificate successfully. Can anyone take my remote and help…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Using WAF with servers own certificate?

    Syl4r
    Syl4r
    It seems that it is impossible to create WAF rules for web servers with https so that the web server would use its own certificate instead of cert from the firewall. Is it really so and is there any trick going around this problem?
    • Answered
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Incorrect SSL Certificate shown when accessing internal Server from WAN on port 443

    Marcus Cannon
    Marcus Cannon
    I have a DNAT in place from WAN port to internal server on port 443 (HTTPS) for accessing to users workfolders. When you connect to external URL it gives out the sophos XGS 2300 appliance certificate instead of the ssl certificate installed on the server…
    • Answered
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • How to check the passphrase of an exported private key

    Shun Moriyama
    Shun Moriyama
    Hi,friends! From version 18.5, the product no longer creates a private key when generating CSR and a passphrase cannot be set. However, I was able to obtain the private key by the following method after CSR generation with this product. System …
    • Answered
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • How to easy update a certificate that is used in WAF?

    Björn Bendix
    Björn Bendix
    Hello, Is there a way to update a certificate that is used in WAF Rules without touching every WAF rule?
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Certificate is already used in HPPT based policy, 2 years later...

    stanlyn
    stanlyn
    Hi, While installing a new certificate, I get the error: "Certificate cannot be deleted. Certificate is already used in HTTP based policy." Anyone know how to find where a certificate is being used in an XG-135 v17,5? Two years ago I ran into this…
    • Answered
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • SSL certificate is not selectable after CSR Request and Import via GoDaddy

    Eric Richardsen
    Eric Richardsen
    What I did: I created a csr in Sophos XG210 18.5.2 I used the csr to order an officially signed ssl cert via GoDaddy after verification via dns the SSL was issued I upload the intermediate and root cert Uploaded the hosts cert via .pem…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • User Portal SSL certificate problem

    Stefano Sorrentino
    Stefano Sorrentino
    Hi Guys, i have renewed my certificate on my XG135, i changed the certificate under Administration -> Admin & User Settings, but : This site can’t provide a secure connection vpn.athenion.com sent an invalid response. Try…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • WebAdmin not accessible w/ Wildcard Cert

    Vault Sec
    Vault Sec
    Hi all, firewall already uses a wildcard cert for WAF, I tried to set it up for "Admin console and end-user interaction" as it is called in the Admin settings. Applying the cert resultet in not being able to reach the Webadmin and Userportal, neither…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • SSL/TLS Inspection causing CRL Error on RDP

    Markus Steinbauer
    Markus Steinbauer
    Hi Everybody, We are using an enterprise CA for Deploying Certificates to our Clients and the CA ist trusted by the Firewall and everything works. When enabling SSL/TLS Inspection we are facing the Problem, that Microsoft Remote Desktop Client forcefully…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • CSR can not have a passphrase / challenge phrase. Enter a new CSR.

    Nathan_K
    Nathan_K
    I am trying to update the certificate on my Sophos XG (SFOS 18.5.2 MR-2-Build380). I've created the CSR and when I try to submit it to the CA I'm getting the below error: CSR can not have a passphrase / challenge phrase. Enter a new CSR. I don…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Updating Cert for the same Cert Domain should not reset the "domains field."

    Robert Hau
    Robert Hau
    When updating a Cert from year to year. Why does the "Domains" in a waf rule reset to default. This is annoying. If the coverage of the cert is the same it shouldn't reset the field.
    • Answered
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • View related content throughout Sophos Firewall
  • More
  • Cancel
<>