Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 6 replies
  • Subscribers 2 subscribers
  • Views 1706 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

What SSL do I need?

LiamCBenson
Hi All,

I am just experimenting with the WebAdmin SSL setup and I am trying to setup webadmin so my chrome browser doesn't go ballistic because webadmin is "unsecure"

I got a free Cert from StartSSL but I am not sure if that is the right certificate I need?

Once I get the right certificate how would I go about installing it?

Thanks guys


This thread was automatically locked due to age.
  • 0
    You can use StartSSL but you have to create a PKCS#12 certificate.
    This certificate can then be imported in UTM and used as webadmin/userportal certificate.

    First create a PKCS#12 from withint StartSSL!

    Managing several Sophos UTMs and Sophos XGs both at work and at some home locations, dedicated to continuously improve IT-security and feeling well helping others with their IT-security challenges.

    Sometimes I post some useful tips on my blog, see blog.pijnappels.eu/category/sophos/ for Sophos related posts.

  • 0
    Or just import the UTM's cert into Chrome.

    Barry
  • 0 in reply to BarryG
    Or just import the UTM's cert into Chrome.

    Barry


    This does work too, but for the user portal I believe it's better to use valid certificates that can be checked without having to import the certificate into every browser to be used by all of the potential users of the user portal (which are not always systems controlled by the sysadmin).
    StartSSL hands out free https/email certificates, so the price shouldn't be a show stopper.

    Managing several Sophos UTMs and Sophos XGs both at work and at some home locations, dedicated to continuously improve IT-security and feeling well helping others with their IT-security challenges.

    Sometimes I post some useful tips on my blog, see blog.pijnappels.eu/category/sophos/ for Sophos related posts.

  • 0
    Hi,

    Does Chrome recognize StartSSL as a cert authority?

    If not, namecheap is selling Comodo certs for $8.

    Barry
  • 0
    Chrome uses the cert store that comes with the OS (at least on Windows)...

    ----------
    Sophos user, admin and reseller.
    Private Setup:

    • XG: HPE DL20 Gen9 (Core i3-7300, 8GB RAM, 120GB SSD) | XG 18.0 (Home License) with: Web Protection, Site-to-Site-VPN (IPSec, RED-Tunnel), Remote Access (SSL, HTML5)
    • UTM: 2 vCPUs, 2GB RAM, 50GB vHDD, 2 vNICs on vServer (KVM) | UTM 9.7 (Home License) with: Email Protection, Webserver Protection, RED-Tunnel (server)
  • 0
    Do not forget to consider the name in the certificate has to match the url in the browser exactly. 
    Say you want to access the user portal from the internal network and from the internet aswell, you have to use a domain name which can be resolved correctly in both cases.

    br, Chris
Cookie Information Banner