XG 18 MR3 use incorrect certificate in web Warn/block page

Question

Hi, 
 I found problem in MR3 (working fine in previous release MR-1-Build396 ) 
 When user access to Blocked or Warn web Sophos just use default certificate instead of selected one and also didn't issued to valid firewall host name v18 MR1 is work fine it just use Cert that I configured in "Admin console and end-user interaction" menu 
 
 SSL interception and user portal still use correct certificate 
 
 Screenshot: www.dropbox.com/.../2020-10-19_17-05-13.png

Tanapol Euaungkanakul · Accepted Answer

Hi, Just got response from Sophos and working workaround 
 According to Technical Support 
 Tanapol, This is regarding support case 03248790 and the reported issue with certificate warnings while browsing to Webadmin. The screen shots you have provided were helpful in diagnosing the issue, this appears to be a known behavior in the 18.0.3 MR-3 firmware version. After upgrading the firmware to this version, users will need to regenerate and or remove then re-add there certificates. 
 When browsing to [Firewall Domain].com which is the firewalls webadmin portal, you see your firewalls default SSL certificate and firewall serial number. The firewall is configured not to use this, as observed in the screen showing Admin settings, however, this is expected with this firmware version. 
 I try to re-add my cert.+key and now warn/block page are working again. 
 Please note that my Cert. is purchase from trust CA that mean I have to completely remove my Cert. from VPN/Portal etc... and delete cert. 
 In my case I also have to delete ALL CA in certification path (if any) then re-add just like when you setup it for the first time, 
 re-add only cert without delete and re add CA in the path of that cert first just won't work for me.

Rhys Goodwin · Answer

Hi Tanapol Euaungkanakul , I also experienced this issue as reported here . You could try changing the Web proxy scanning mode from batch to real-time and back again and see if that helps.

XG 18 MR3 use incorrect certificate in web Warn/block page

Top Replies