Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 18 replies
  • Subscribers 1 subscriber
  • Views 40089 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Best way to avoid certificate error?

alexxdavid
Hi Guys,

What is the best way to avoid Certificate error when using Web Filtering and accessing https website?

Currently using transparent mode (no authentication for windows and SSO for IOS) when SSO was activated for windows, I was also getting errors regarding passthrough.fw-notify.net.

Can this be fixed by uploading a public certificate? Shouldn't it resolve to the fqdn of the UTM instead?


This thread was automatically locked due to age.
Parents
  • 0
    For WebAdmin, you can use the one that it comes with, or you can supply your own that is either self-signed or public and matches your FQDN.
    Management> WebAdmin Settings > HTTPS Certificate

    Something with a Subject Alternate Name of 127.0.0.1 seems a little odd to me.  I don't know if any of our certificates that we normally supply include this, I did a quick check and did not see any.  I see the WebAdmin certificate normally includes in the SAN a DNS Name and IP Address that is set to the UTM's IP.  This is so that you can get to WebAdmin via IP Address and have the certificate apply.
  • 0 in reply to Michael Dunn
    Hi Michael,

    Just checked the Webadmin certificate as well and this one also has IP Address=127.0.0.1 as the SAN name as well???
  • 0 in reply to alexxdavid
    Hi Guys,

    Quick question, my webadmin certificate was set to admin(x509 user cert) by default, is it supposed to be using this one or the local X509 cert? Will changing that will then change my proxy ca certificate?
Reply Children
No Data