Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 3 replies
  • Subscribers 4 subscribers
  • Views 923 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

SG210 S/MIME to SG135 S/MIME but de-crypting not working

Christian Wortmann

Good evening,

I'm trying to configure an SG210 (9.705-3) and an SG135 (9.705-3) with official S/Mime certificates from Sectigo.

"Enable automatic S/MIME certificate extraction" seems to work only on one of these firewalls. 

Other Mail encryption seems as it should. I read some hints from other firmwares, but none of these hints solves the problem. 

Just spent a couple of time after searching. Switching from SG to XG is planned, but actually no option.

Some other hints that I can try?

Thanks for any hints.

Christian



This thread was automatically locked due to age.
  • 0

    Just an Update. I reset both Email Encryption System. Than imported two .p12 certificates on side SG135 and one .p12 @ SG210. 

    - Mail from SG135 to SG210 is signed 

    - Mail from second Account @SG135 to SG210 is signed 

    - Both S/MIME certificates were extracted @ SG210

    - Response from SG210 to email1 to SG135

    - No certificate extracted

    - Mail has dgital issues

    - Manually added the .p12 file @ SG135

    - Mail from SG210 to SG135

    - Mail is encrypted in outlook

    Looks like de-cryption of certificates and de-crypting is not working correctly. Outgoing mail seems working fine. 

    Any ideas? 

  • 0 in reply to Christian Wortmann

    Hallo Christian and welcome to the UTM Community!

    Let me say this in my words to make sure I understand the situation.

    The SG 135 signs and encrypts correctly when sending to the SG 210 and the SG 210 correctly extracts the certificates and decrypts the messages.

    When the SG 135 receives encrypted email from the SG 210, it does not extract a certificate nor does it decrypt the message.

    What do you mean by "Mail is encrypted in Outlook?"

    Cheers - Bob
    PS Since your thread is in English, I've moved it to the Mail Protection forum.

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson

    Hi BAlfson,

    thanks for your feedback and mooving to the right forum. Thought english might reach more people than posting in german,.

    After a few more hours of searching google, sophos forums I found the bug @ our config.

    We mooved the SG210 from one location to another, and for testing we switched from WAF to NAT, that was the bug.

    After re-activating WAF anything is working as it should. 

Unfiltered HTML