Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 36 replies
  • Subscribers 1 subscriber
  • Views 57539 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

SSL VPN - Not working after upgrade to UTM 9

TheExpert
Hello together,

I upgraded from ASG 8.305 to UTM 9. When wanting to connect via SSL VPN I see the following error in the Log of the SSL VPN client which is updated, too:

VERIFY X509NAME ERROR: C=de, L=***, O=*** Mössner, CN=***, emailAddress=***, must be C=de, L=***, O=*** Mössner, CN=***, emailAddress=***

You can see that there is difference for the "O" field. The certificates were imported from the ASG installation where the SSL VPN worked fine.

When looking into the certificates on the UTM 9 and on the client, the "O" field looks good, there is no problem with vowel mutation.

So my question is: Which certificate is presented with the wrong information? Is it the certifacte of the SSL VPN client or is it the CA certificate of the UTM 9 and what can I do to correct the issue without resigning the HTTPS proxy certificate and all the other certificates?

Thank you

TheExpert


This thread was automatically locked due to age.
Parents
  • 0
    Strange.  It's time to ask your reseller to open a ticket with Support if you haven't already.

    What if you manually create a new cert for this user with oe instead of ö in the name field?  When creating a cert manually, there must be something put into each field or the cert won't be generated correctly.  You can open the User definition to indicate the new certificate and replace the certificate on the client machine.   Does that work?

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson
    Hello,

    I use the UTM as home user. Can I open a support ticket with the free home user license?

    Wouldn't it be better to create new CA certificates for the SSL VPN because there are umlauts, too? Won't the other certificates be changed when I recreate these certificates, i. e. the certificates for the SSL proxy?

    Thank you

    TheExpert

    Kind Regards

    TheExpert

Reply
  • 0 in reply to BAlfson
    Hello,

    I use the UTM as home user. Can I open a support ticket with the free home user license?

    Wouldn't it be better to create new CA certificates for the SSL VPN because there are umlauts, too? Won't the other certificates be changed when I recreate these certificates, i. e. the certificates for the SSL proxy?

    Thank you

    TheExpert

    Kind Regards

    TheExpert

Children
No Data
Share Feedback
×

Submitted a Tech Support Case lately from the Support Portal?

Unfiltered HTML