• Web Filter looking for wrong certificate

    Rodrigo Silveira1
    Rodrigo Silveira1
    Hello, I was using a local CA certificate for Web Filter, it was working as expected but yesterday the certificate expired, so I renewed it, deleted the old expired certificate and imported the new one but now the XG is ignoring it and trying to use…
    • Answered
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • Unable to delete expired Certificate Authorities

    Derek Preston
    Derek Preston
    Trying to delete some expired Certificate Authorities that are no longer used by any of our WAF rules, but receive "Certificate authority could not be deleted" Using WinSCP and navigating to /conf/certificate/cacerts/, the certificate authorities…
    • Answered
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • Letsencrypt API Update Script - dynamically handles multiple certs, multiple rules, including re-grouping of policies rules

    burton
    burton
    I wanted a way to auto update my letsencrypt certificates for use on my XG firewall and WAF rules. I developed this script to handle multiple certificates, and to be as dynamic as possible. The approach I took to achieve this is the following: 1) Within…
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • Can I buy Comodo positive ssl for webadmin login?

    TobLai
    TobLai
    I just want to get a certificate for the webadmin login. What are the brands that I can buy? Will comodo positive ssl works?
    • Answered
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • How to remove the certificate errors for webadmin and captive portal authentication pages

    TobLai
    TobLai
    I have followed closely step by step on this KB. https://support.sophos.com/support/s/article/KB-000036904?language=en_U I still cannot get rid of the Not secure warning by the browser. Am I missing something here? Ot do I need to buy my own CA…
    • Answered
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • No heartbeat sessions - SSL error: SSL routines:ssl3_read_bytes tlsv1 alert internal error

    LHerzog
    LHerzog
    At a small remote remote site, there is a XG HA pair. Since Aug 22 Heartbeat is no longer working there. XG106_XN01_ SFOS 18.0.5 MR-5-Build586 We receive an informational mail on the same day (Aug 22) : So 22.08.2021 02:11 You are receiving this…
    • Answered
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • Certificate error while creating IPSec VPN

    Sysadmin UEPAC
    Sysadmin UEPAC
    Hi, I'm trying to create an IPSec VPN Connection, I did followed this guide -> docs.sophos.com/.../VPNIPsecSophosConnectClient.html But, when I click in "Apply" button, this error message shows up "'undefined' remote certificate has expired or…
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • Two Sophos XG sharing same clients certificates , how to ??

    ali turki
    ali turki
    hello we have two sohos xg in different locations, each one has different ports and configuration our users use android and windows agents to access the internet. the problem is that the two XGs have different client certificates, so when user move…
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • Download Certificate as p12

    Erik Sauerbier
    Erik Sauerbier
    Since SFOS 18.0.5 (18 MR5) it is no longer possible to download self-signed certificates as .p12-certificate (certificate with private-key). It is only possible to download the certificate as .crt without private-key. Does anyone have an idea how…
    • Answered
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • SFOS 18.0.5 MR 5 - Certificate Could Not Be Generated

    ChrisKnight
    ChrisKnight
    Howdy, Can someone please tell me where the log files for certificate import are located on SFOS 18.5? I'm trying to import a wildcard certificate that's been exported from a Windows Server as .pfx (just the certificate, not the certificate chain…
    • Answered
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • Adding a SSL Certificate (e.g. for the User Portal) does not work.

    Markus Schneider
    Markus Schneider
    Hello. I would like to install a SSL Certificate for my User Portal to avoid a Certificate Warning in the Browser by accessing the User Portal via Internet (https). I already know this Tutorial: https://docs.sophos.com/nsg/sophos-firewall/18.0/Help…
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • SSL Inspection (imported list of Root CA/Intermediate CA)

    Michi Schlüter
    Michi Schlüter
    Hello I'm wondering how Sophos XG validates the certificate chain (web surfing ssl inspection). We use web policies with "block invalid certificates" on a new installed sophos XG for a customer. Normally, we don't see a lot of blocked websites due to…
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • SSL certificate is not selectable for admin console and end-user interaction

    Christian Baum
    Christian Baum
    Hi all, I do have a problem installing/using a signed ssl cert for securing http access to the admin panel and user interface. What I did: I created a csr in Sophos XG (18.0.5) I used the csr to order an offically signed ssl cert after verification…
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • CA certificates being rejected in error? (If so, how to report.)

    Wayne Folta
    Wayne Folta
    We're having issues with some Ring Central pages being blocked. You'll see an error like: But the certificate details look reasonable to me. In the SGX I find: The certificate in the block message looks the same as the second certificate to me,…
    • Answered
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • SFOS V18 breaks the Pocket Guide for using Digital Certificates in IPSEC VPN connections

    John huong
    John huong
    i've noticed that in SFOS V18 downloaded certs are now in CRT instead of PEM format. Strangely enough when you upload certificates into a V18 appliance it doesn't expect a CRT file. Additional work needs to be done with converters before it can be used…
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • IPsec Client VPN Certificate problem

    Wisam Mouslli
    Wisam Mouslli
    Hi there, Our IPsec VPN Client was working fine but suddenly it stopped working giving this error 'Filed to established child SA' knowing that the SSL client VPN is working fine. In the Admin page of Sophos VPN it says ' 'undefined' remote certificate…
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • Cannot Change ApplianceCertificate

    Dan Becker1
    Dan Becker1
    I would like to setup sophos network agent for authentication to a Wifi Network on iOS. Followed this guide to generate self signed cert: https://support.sophos.com/support/s/article/KB-000038295?language=en_US But when I get to Step #4, I only see…
    • Answered
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • 1. IPSec Tunnel alle 2 Stunden Down/Up , 2. iE bringt Fehler am Außenstandort mit XG

    Mary Lou
    Mary Lou
    Hallo Liebe Community, ich habe seit gut einem halben Jahr massive Probleme mit einer meiner XGs. Ich muss zuerst sagen, dass ich von Sophos absolut null Ahnung hatte als ich zu meinem neuen AG kam und das Erste was man wollte ist die alten UTMs loswerden…
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • How Sophos (or firewalls) determine that a certificate is invalid?

    John Henry Vindas Carballo
    John Henry Vindas Carballo
    Hello everyone, Recently, I have been experiencing some issues for having HTTPS scanning/decrypting active in the rules on my network. For some reason, when I try to access some websites I got a Sophos block message saying that the certificate its…
    • Answered
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • Adding Certificates

    dimebagdaryll
    dimebagdaryll
    Good day. I would like to ask for your assistance about adding an updated certificate to publish my webserver. When I try to add a certificate, It will not show up on my Business application rule>>>> Https Certificate Entries. I uploaded the .dem file…
    • Answered
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • Webadmin Certificate Error NET::ERR_CERT_COMMON_NAME_INVALID

    Elizabeth Owen
    Elizabeth Owen
    On my windows machine I have installed the "Default" CA as well as the Appliance certificate (which I am also using for SSL/TLS inspection and SSLVPN). When I try to go to the IP address of the firewall I get this error: NET::ERR_CERT_COMMON_NAME_INVALID…
    • Answered
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • LDAP certificates - Google Workspace

    Jamie Robinson
    Jamie Robinson
    Hi all This was asked previously in https://community.sophos.com/sophos-xg-firewall/f/discussions/119909/sophos-xg-user-authentication-with-g-suite-ldap , but it looked like the thread went dead without ever getting a conclusive answer. I've utilised…
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • Generate self-signed certificate SANs section missing

    RSK
    RSK
    Hi, i'm trying to generate a certificate with multible SANs and I saw this should be possible as shown in the Help. But for me i only can see the Certificate details and the Identification attributes, but the SANs Part is not shown. Greetings…
    • Answered
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • Odd behaviour. CSR created on XG, uploaded to Digicert. New Cert would not apply. Had to use openssl

    Andy Howard1
    Andy Howard1
    Hi, can anyone please shed some light on what has just happened. We have an XG. A CSR was created on the XG and used to create a certificate with "Digicert". This was created and downloaded from Digicert and we proceeded to follow the installation procedure…
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • WAF & SSL Certificates

    kakawome
    kakawome
    Hello, We have a web server at the back of the Sophos firewall. We recently added a SSL certificate from Godadddy for the domain pointed to the server. The certificate seems to be installed properly in the firewal, however when we are trying to access…
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • View related content throughout Sophos Firewall
  • More
  • Cancel
<>