Hi,friends! From version 18.5, the product no longer creates a private key when generating CSR and a passphrase cannot be set. However, I was able to obtain the private key by the following method after CSR generation with this product. System …

Hello, Is there a way to update a certificate that is used in WAF Rules without touching every WAF rule?

Hi, While installing a new certificate, I get the error: "Certificate cannot be deleted. Certificate is already used in HTTP based policy." Anyone know how to find where a certificate is being used in an XG-135 v17,5? Two years ago I ran into this…

What I did: I created a csr in Sophos XG210 18.5.2 I used the csr to order an officially signed ssl cert via GoDaddy after verification via dns the SSL was issued I upload the intermediate and root cert Uploaded the hosts cert via .pem…

Hi Guys, i have renewed my certificate on my XG135, i changed the certificate under Administration -> Admin & User Settings, but : This site can’t provide a secure connection vpn.athenion.com sent an invalid response. Try…

Hi all, firewall already uses a wildcard cert for WAF, I tried to set it up for "Admin console and end-user interaction" as it is called in the Admin settings. Applying the cert resultet in not being able to reach the Webadmin and Userportal, neither…

Hi, I recently went through and updated some of my older LetsEncrypt certs and when I imported them they were showing up as Untrusted. The rest I had were still trusted. Unsure as to why, I removed the LetsEncrypt R3 Intermediate and the ISRG Root X1…

I am trying to update the certificate on my Sophos XG (SFOS 18.5.2 MR-2-Build380). I've created the CSR and when I try to submit it to the CA I'm getting the below error: CSR can not have a passphrase / challenge phrase. Enter a new CSR. I don…

Hello, I've been using the Sophos XG for a number of years with an SSL certificate that I use for the Admin portal, etc. I use a wildcard certificate that I purchase so that I can use it on some other servers as well. Today, I purchased a new wildcard…

Hi Community, I have the following Problem: A customer needs an SSL-Certificate renewed, that is only used for XG (Webserver, Userportal, Webadmin). For this i need the private key. A collegue renewed it last year und uploaded it on the Sophos XG…

Good Morning! Dear Sophos Community, Could you help me to understand about an issue, We are following a sophos KB support.sophos.com/.../KB-000041071 Which shows us how to generate the CSR certificate to be sent to the CA for signature, so far so good…

So, 2 years ago a goDaddy SSL cert was added to XG and been used since that date. It is now renewed with goDaddy and downloaded. I tried replacing existing one with new one, but it said a rule/policy was already using it. So I then added the certificate…

Too many cooks and s omething has become messy with certificates on our XG and I need some help to get this sorted. (SFOS 18.0.5 MR-5-Build586) virtual Trying to upload a pfx-certificate generated by our certbot gives the dreaded red X. Mousing over…

I have followed the steps on this thread https://community.sophos.com/sophos-xg-firewall/f/discussions/130486/certificat-let-s-encrypt-untrust but the certificate is still showing as untrusted and i am unable to select it for the admin/client interface…

Hi folks If create a Lets Encrypt certificate (pfx, fullchain cert) and uploaded it to my freshly installed Sophos XG ( SFOS 18.5.1 MR-1-Build326). The certificate is uploaded but shows up as untrusted (red cross). The chain of the certificate…

Earlier this year I setup VPN on an XG 135 (SFOS 18.0.4 MR-4) and documented the steps. I am trying to follow the same steps on a new XGS 116 (SFOS 18.5.1 MR-1-Build326) but have encountered a difference that I would like to clarify before going further…

Hello: We have a third party certificate from Digicert that we have installed on our Sophos XG210 firewall that will be expiring on 11-08-2021. I need to reissue this certificate via Digicert but I need to add our CSR on the Digicert site to start the…

Hello, We would like to use our own SSL certificate for our Sophos User Portal so users aren't presented with the "Not Secure" warnings when going to the user portal. We have our wildcard SSL imported into the Sophos Firewall. When I went to Administration…

After the latest DST X3 certificate issue. All of my Let's encrypt certificats is not being validated correctly on my Sophos XG. Everything updated to latest version. I've tried to remove the Let's Encrypt R3 certificates. Re-upload the new ones. Followed…

Hello, I have at several computers this next problem. At working computers I can see certificate of remote server with certificate of Sophos but at some other set of cumputers I see this Certification Path : certificate of Sophos CA is…

Hello everyone , I recently updated my let's encrypt certificate. This is considered unreliable by the sophos. While it is valid. I use it in WAF rules and it works well. No message from different browsers. As the certificate is considered invalid…