Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 1 reply
  • Subscribers 1 subscriber
  • Views 1230 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

SSL VPN - incorrect CA signing user certificates

voodoo77
Hello everyone,

I have the following situation: my Sophos firewall is signing the SSL certificates for new users using the default CA (VPN Signing CA) instead of using the one specified long time ago, SSL VPN CA from GATE EU, when the SSL VPN was first setup (yes, I am using a different one). I have discovered this recently and I believe it happened after a firmware update. Is there any way to specify which CA to be used when signing the user SSL certificates used by the SSL VPN?

Firmware version: 9.111-7

Thank you in advance.


This thread was automatically locked due to age.
Parents
  • 0
    It must be possible to replace the VPN Signing CA at the command line with cc, but I don't think there's any way to do so in WebAdmin.  The best you can do is to use openssl to generate certificates for your users, import those into the UTM and select the appropriate cert for each user.

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Reply
  • 0
    It must be possible to replace the VPN Signing CA at the command line with cc, but I don't think there's any way to do so in WebAdmin.  The best you can do is to use openssl to generate certificates for your users, import those into the UTM and select the appropriate cert for each user.

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Children
No Data
Unfiltered HTML