• How to check the passphrase of an exported private key

    Shun Moriyama
    Shun Moriyama
    Hi,friends! From version 18.5, the product no longer creates a private key when generating CSR and a passphrase cannot be set. However, I was able to obtain the private key by the following method after CSR generation with this product. System …
    • Answered
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • How to easy update a certificate that is used in WAF?

    Björn Bendix
    Björn Bendix
    Hello, Is there a way to update a certificate that is used in WAF Rules without touching every WAF rule?
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Certificate is already used in HPPT based policy, 2 years later...

    stanlyn
    stanlyn
    Hi, While installing a new certificate, I get the error: "Certificate cannot be deleted. Certificate is already used in HTTP based policy." Anyone know how to find where a certificate is being used in an XG-135 v17,5? Two years ago I ran into this…
    • Answered
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • SSL certificate is not selectable after CSR Request and Import via GoDaddy

    Eric Richardsen
    Eric Richardsen
    What I did: I created a csr in Sophos XG210 18.5.2 I used the csr to order an officially signed ssl cert via GoDaddy after verification via dns the SSL was issued I upload the intermediate and root cert Uploaded the hosts cert via .pem…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • User Portal SSL certificate problem

    Stefano Sorrentino
    Stefano Sorrentino
    Hi Guys, i have renewed my certificate on my XG135, i changed the certificate under Administration -> Admin & User Settings, but : This site can’t provide a secure connection vpn.athenion.com sent an invalid response. Try…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • WebAdmin not accessible w/ Wildcard Cert

    Vault Sec
    Vault Sec
    Hi all, firewall already uses a wildcard cert for WAF, I tried to set it up for "Admin console and end-user interaction" as it is called in the Admin settings. Applying the cert resultet in not being able to reach the Webadmin and Userportal, neither…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • LetsEncrypt Certs signed by R3 Intermediate cert not Trusted by Sophos XG after reinstalling CA certs.

    Optoisolated
    Optoisolated
    Hi, I recently went through and updated some of my older LetsEncrypt certs and when I imported them they were showing up as Untrusted. The rest I had were still trusted. Unsure as to why, I removed the LetsEncrypt R3 Intermediate and the ISRG Root X1…
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • CSR can not have a passphrase / challenge phrase. Enter a new CSR.

    Nathan_K
    Nathan_K
    I am trying to update the certificate on my Sophos XG (SFOS 18.5.2 MR-2-Build380). I've created the CSR and when I try to submit it to the CA I'm getting the below error: CSR can not have a passphrase / challenge phrase. Enter a new CSR. I don…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Export private key from Sophos XG

    J_87586
    J_87586
    Hello, I've been using the Sophos XG for a number of years with an SSL certificate that I use for the Admin portal, etc. I use a wildcard certificate that I purchase so that I can use it on some other servers as well. Today, I purchased a new wildcard…
    • Answered
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Extract p12 or private key from imported certificate

    OlvrKl
    OlvrKl
    Hi Community, I have the following Problem: A customer needs an SSL-Certificate renewed, that is only used for XG (Webserver, Userportal, Webadmin). For this i need the private key. A collegue renewed it last year und uploaded it on the Sophos XG…
    • Answered
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • CSR Certificate Help

    Welington Silva de Lima1
    Welington Silva de Lima1
    Good Morning! Dear Sophos Community, Could you help me to understand about an issue, We are following a sophos KB support.sophos.com/.../KB-000041071 Which shows us how to generate the CSR certificate to be sent to the CA for signature, so far so good…
    • Answered
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Renew SSL certificate for email on XG Firewall

    Paul Digby
    Paul Digby
    So, 2 years ago a goDaddy SSL cert was added to XG and been used since that date. It is now renewed with goDaddy and downloaded. I tried replacing existing one with new one, but it said a rule/policy was already using it. So I then added the certificate…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Let's encrypt certificate woes - "Certificate authority: Invalid or not installed"

    h3ctic
    h3ctic
    Too many cooks and s omething has become messy with certificates on our XG and I need some help to get this sorted. (SFOS 18.0.5 MR-5-Build586) virtual Trying to upload a pfx-certificate generated by our certbot gives the dreaded red X. Mousing over…
    • Answered
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Lets encrypt admin and client access certificate not trusted

    Chris Mottershead
    Chris Mottershead
    I have followed the steps on this thread https://community.sophos.com/sophos-xg-firewall/f/discussions/130486/certificat-let-s-encrypt-untrust but the certificate is still showing as untrusted and i am unable to select it for the admin/client interface…
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • LetsEncrypt Certificate not trusted by Spohos XG Firewall

    Posbis
    Posbis
    Hi folks If create a Lets Encrypt certificate (pfx, fullchain cert) and uploaded it to my freshly installed Sophos XG ( SFOS 18.5.1 MR-1-Build326). The certificate is uploaded but shows up as untrusted (red cross). The chain of the certificate…
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • Can't set passphrase when creating a certificate

    Alan Spark
    Alan Spark
    Earlier this year I setup VPN on an XG 135 (SFOS 18.0.4 MR-4) and documented the steps. I am trying to follow the same steps on a new XGS 116 (SFOS 18.5.1 MR-1-Build326) but have encountered a difference that I would like to clarify before going further…
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • Third Party (Digicert) VPN Certificate Renewal

    Clay Tsuhako
    Clay Tsuhako
    Hello: We have a third party certificate from Digicert that we have installed on our Sophos XG210 firewall that will be expiring on 11-08-2021. I need to reissue this certificate via Digicert but I need to add our CSR on the Digicert site to start the…
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • Custom SSL for Sophos User Portal

    djb-sophos
    djb-sophos
    Hello, We would like to use our own SSL certificate for our Sophos User Portal so users aren't presented with the "Not Secure" warnings when going to the user portal. We have our wildcard SSL imported into the Sophos Firewall. When I went to Administration…
    • Answered
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • Sophos XG - Lets Encrypt broken - Certificate authority: Invalid or not installed

    Steen Paulsen
    Steen Paulsen
    After the latest DST X3 certificate issue. All of my Let's encrypt certificats is not being validated correctly on my Sophos XG. Everything updated to latest version. I've tried to remove the Let's Encrypt R3 certificates. Re-upload the new ones. Followed…
    • Answered
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • problem with certificate - do not see Sophos CA root certificate

    Petr Odvarka1
    Petr Odvarka1
    Hello, I have at several computers this next problem. At working computers I can see certificate of remote server with certificate of Sophos but at some other set of cumputers I see this Certification Path : certificate of Sophos CA is…
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • Certificat let's encrypt untrust

    lauwiks Cutman
    lauwiks Cutman
    Hello everyone , I recently updated my let's encrypt certificate. This is considered unreliable by the sophos. While it is valid. I use it in WAF rules and it works well. No message from different browsers. As the certificate is considered invalid…
    • Answered
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • View related content throughout Sophos Firewall
  • More
  • Cancel
<