Help us enhance your Sophos Community experience. Share your thoughts in our Sophos Community survey.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 6 replies
  • Subscribers 6 subscribers
  • Views 1310 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos UTM blocking access to acme-challenge

HGA

I am using Sophos UTM and need a certificate for openssl. Therefore I tried to install Certify the Web.
For the mail server I using a sophos certificate and the `Exchange Server Webservices` Firewall-Profile!
If I try to access to a file inside the inetpub\wwwroot\.well-known\acme-challenge via internet, I got the error-message

Access to the requested URL was blocked!

I guess this is not a normal access to the exchange server and therefore blocked!

Is there any solution to get it working?



This thread was automatically locked due to age.
Parents
  • 0

    The solution depends on what is being blocked.
    It may be that a "direct call" to the URL is not permitted (url hardening) ... then the URL must be entered as an "entry URL".
    Or an anomaly is detected...then it needs an exception.

    Please check the WAF-log


    Dirk

    Systema Gesellschaft für angewandte Datentechnik mbH  // Sophos Platinum Partner
    Sophos Solution Partner since 2003
    If a post solves your question, click the 'Verify Answer' link at this post.

  • 0 in reply to dirkkotte

    That what I found!

    sophos httpd: id="0299" srcip="172.68.110.170" localip="10.0.10.2" size="199" user="-" host="172.68.110.170" method="GET" statuscode="403" reason="-" extra="-" exceptions="-" time="224" url="/.well-known/acme-challenge
Reply
  • 0 in reply to dirkkotte

    That what I found!

    sophos httpd: id="0299" srcip="172.68.110.170" localip="10.0.10.2" size="199" user="-" host="172.68.110.170" method="GET" statuscode="403" reason="-" extra="-" exceptions="-" time="224" url="/.well-known/acme-challenge
Children
  • 0 in reply to HGA

    Feel free to send some more log-lines around this part per PM.


    Dirk

    Systema Gesellschaft für angewandte Datentechnik mbH  // Sophos Platinum Partner
    Sophos Solution Partner since 2003
    If a post solves your question, click the 'Verify Answer' link at this post.

Unfiltered HTML