Hi everyone. I thought I new something about certificates, but the deeper I dig, the more I realize I don't know anything...
I am very confused understanding how certificates work in the UTM and their dependency of each other.
I have recently purchased a domain name an finally changed the "MY-SOPHOS" hostname to "gate.mydomain.com". Yay.
I know that certificates need to be regenerated now, so that they contain the updated hostname.
But I need help and guide in this regard. There are multiple places with Signing CA, then there are Verification CA (??), then a common store with the rest of certs that cannot be viewed but only deleted.
And if I delete the Local X509 Cert because it is no longer valid (old hostname) after which I attempt to regenerate VPN Signing CA, then I get an error "The Confd reported an error without providing any details.". The only way to resolve it, is to generate a cert with exactly the same name "Local X09 Cert" and then regenerate the VPN Signing CA cert.
I am all confused how these dependencies work.
Please help me understanding where to start after the hostname has changed.
I need to cover all bases, every single cert that was affected, including WebAdmin CA, Proxy CA, VPN CA (any other?) and the rest of cascaded certs.
Thanks!
This thread was automatically locked due to age.
