Guest User!

You are not Sophos Staff.

Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 7 replies
  • Answers 2 answers
  • Subscribers 27 subscribers
  • Views 4892 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Own CA SecurityAppliance_SSL_CA

Harald J

 Hello,

 

is there a way to import my own self signed CA into the XG Firewall to use it as the default CA and delete de standard Sophos CA?

 

Thank you

Harald



This thread was automatically locked due to age.
Parents
  • 0

    Harald,

    You cannot change the default CA. The appliance ssl certificate is a "special" certificate that decrypt and encrypt the https traffic on the fly in order to keep the https connection with the original https site unbroken.

    So in order to avoid the certificate error page, import the CA inside your browser.

    Regards

  • 0 in reply to lferrara

    Hello lferrara.

     

    I'm not using the https decrypt feature.

    I' just want to import my own CA and my own VPN Server Certificate because I have multiple users out there and I don't want to change all the existing configurations.

     

    I'm using a self signed Root CA with a self generated VPN Certificate with multiple Intermediate certificates in between.

     

    So I'm guessing, I' staying with my running configuration and do not switch to Sophos when that's not possible.

    Thank you anyway for your answer.

     

    Kind Regards

    Harald

Reply
  • 0 in reply to lferrara

    Hello lferrara.

     

    I'm not using the https decrypt feature.

    I' just want to import my own CA and my own VPN Server Certificate because I have multiple users out there and I don't want to change all the existing configurations.

     

    I'm using a self signed Root CA with a self generated VPN Certificate with multiple Intermediate certificates in between.

     

    So I'm guessing, I' staying with my running configuration and do not switch to Sophos when that's not possible.

    Thank you anyway for your answer.

     

    Kind Regards

    Harald

Children