Thread Info
  • State Verified Answer
  • +1 person also asked this people also asked this
  • Locked Locked
  • Replies 8 replies
  • Answers 2 answers
  • Subscribers 29 subscribers
  • Views 8394 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

#7779325 - SSL Certificates for User Portal

Desmond Besa

Hi All,

 

Hope all of you are doing well. I am just trying to secure my user portal by assigning a url and applying a SSL Wildcard Certificate on the Sophos XG 330. I was able to convert the PFX and private key that the RAPID SSL gave me and applied it to the FW. 

CERTIFICATES:

 

CA

But after applying, when I try to access the USer Portal, it still shows that it's not secured.

 

Do I need to regenerate the Appliance Certificate or Security_Appliance_SSL_CA?

 

Thanks!

 

Desmond



This thread was automatically locked due to age.
Parents
  • +1

    Hi Desmond,

    it is not enough to upload - you'll need to tell your Firewall to use that Certificate ;)

    "Selected certificate will be used for My Account, Captive Portal, SPX Registration Portal & Reply Portal"

    lna@cema

    SCA (utm+xg), SCSE, SCT

    Sophos Platinum Partner

  • 0 in reply to lna

    it worked! Thank you very much for this one! I was wondering if we can do this to our servers that are being port forwarded?

     

    Thanks.

     

    Desmond

  • 0 in reply to Desmond Besa

    Hi Desmond,

    you cannot influence Portforwarded (NATed) webserver certificates with the xg firewall.

    the only way to centrally manage that Certificate would be to use WAF (Business Application Rule) to publish it through Reverse Proxy

    or install your public certificate in your webservers.

    Yours Lukas

    lna@cema

    SCA (utm+xg), SCSE, SCT

    Sophos Platinum Partner

  • 0 in reply to lna

    Hi,

    rather than start another thread on certificates I will hang off this one. Where do I find the XG certificate to download and install on my user devices? There used to be a XG certificate but seems to have vanished, yes it is referred to on various menus, but not available for download.

    ian

    XG115W - v19.5.1 mr-1 - Home

    If a post solves your question please use the 'Verify Answer' button.

  • 0 in reply to rfcat_vk

    System > Certificates > Certificate Authorities

    Click on the download icon for the certificate you wish to download.

    You may be able to do the same for Certificates, but all the entries I have are Uploaded ones only with no download option.

  • 0 in reply to ChrisKnight

    Hi Chris,

    that was exactly my problem, the download of the XG certificate seems to have vanished?

    You can't really use https scanning without the certificate installed on your end devices.

     

    Ian

    XG115W - v19.5.1 mr-1 - Home

    If a post solves your question please use the 'Verify Answer' button.

  • +1 in reply to rfcat_vk

    Are you talking about the ApplianceCertificate certificate?

    If so it's signed by the Default CA certificate. If you download this and install it into the Trusted Root Certificate store, then ApplianceCertificate will then be trusted.

  • 0 in reply to ChrisKnight

    Yes, i was and now it has magically appeared.

    Ian

    XG115W - v19.5.1 mr-1 - Home

    If a post solves your question please use the 'Verify Answer' button.

Reply Children
No Data
Cookie Information Banner