SSL ISSUE

Hi Hesham Mahmoud1 

Please refer to the given articles.

https://community.sophos.com/kb/en-us/127287

https://community.sophos.com/kb/en-us/132678

Hi Keyur , 

Many thanks for you but i did already read and understanding those articles so i asked my question why when i import the root certificate ( Default ) which already sign 

the appliance certificate to my trusted root CA it doesn't work it is the concept here .

Hi Hesham Mahmoud1 

Did you try to add the certificate in MMC console?

Please refer the article for the same - https://community.sophos.com/kb/en-us/123048

Hi,

are you logging on using the FQDN of the firewall or the IP address. If the IP address you will get that error.

Ian

Yes i did that but still have the same issue 

Yes indeed i am using the ip address can you tell me how to use the FQDN of the firewall to check if it work .

Hi,

Use the device name in the CA to create a FQDN using the internal address and do not tick advertise on the internet box.

The above screenshot is from the Network -> DNS tab.

Ian

Thank you very much the ip address is causing this problem because i forget to use the CN instead of the ip address when i use the CN it working fine 

but without adding FQDN because the firewall is already can mapping the name of the device to the public ip address .

Hi,

the reason not to use the external address is you have to enable external access to your firewall which is something you should try to avoid and unless yo u have a static external IP address if your link fails you cannot connect to your XG. This is based on my experiences.

Ian