JOIN OUR AFFILIATE NETWORK

Join our affiliate network and become a local SSL expert

♦ learn more about our program ♦
Menu
picture of tbs certificates
picture of tbs certificates
Certificates
Our products range
Partners
Support
Focus


Installing a certificate for Sophos XG Firewall

Generation of the CSR

Here's how to generate a CSR from Sophos XG Firewall:

  • Go to "Certificates> Certificates". Click on "Add" and choose "Generate Certificate Signing Request (CSR)"

  • Fill in the required fields. In the Common name field, indicate the FQDN of the site to be secured.

  • Click on "Save". The CSR will appear in the "Certificate> Certificates" menu. Download the CSR (2nd icon from the left)

  • The download contains 3 files:

    • certificate_name.csr: the certificate request file.
    • private_key.key: your private key. Keep it preciously for the installation of your certificate.
    • password.txt: this file contains the password that you chose when generating the CSR.

  • Open the file certificate_name.csr (with notepad for example), and copy paste the contents of this one in the order form.

Installation of the certificate

To install your certificate on Sophos XG Firewall, follow the instructions below:

  • Go to "Certificates> Certificates". Click on "Add" and choose "Upload Certificate"

  • Give a name to your certificate

  • In "Certificate File format", choose "CER (.cer)"

  • Fill in the path where your certificate is located as well as your private key.

  • Fill in your chosen password when generating the CSR.

Once the certificate has been uploaded, it appears under "Certificates> Certificates" with a green check mark, indicating that it has been verified with the certification authority and that it is valid.
If this indication does not appear, you must go to "Certificates> Certificate Authorities" and add the intermediate certificate or certificates as well as the root certificate.

Certificate activation

Once the certificate is installed, go to "Administration> Admin Settings". Under "Port Settings to Admin Console", in the "Certificate" field, choose the name of the certificate given previously. Finally, click on "Apply".