Issue-1: we will troubleshoot the issue when customers are unable to upload certificate correctly in sophos XG firewall.
When customer is uploading certificate in sophos XG firewall, he is getting this cross mark error as shown in below image
The cross mark error while we get when uploading any certificate in sophos XG is due to missing of intermediate or root certificates in sophos XG firewall.
Suppose if customer upload the certificate provided by digi cert under certificates >> certificate section he smust upload concerned digi cert root and intermediate certificates in sophos XG firewall under certificates >> certificate authorities section.
Once you upload both root and intermediate certificates cross mark will change to tick mark.
In case if mark do not change try to delete the certificate under certificates >> certificate section and reupload it.
If you follow the above steps cross mark issue will be resolved.
Issue-2: We will troubleshoot the issue when customer uploaded certificate but its not listing under user portal or VPN settings.
Sometimes even after uploading certificate to sophos XG firewall it cannot be uploaded to concerned settings like user portal and VPN settings as shown in below images
First check if the certificate is uploaded correctly and concerned root and intermediate certificates present in the firewall.
You can check it by observing status of the trusted tab as shown in below image
If its showing as tick mark then you did not uploaded the private key when you are uploading certificate.
When you are uploading certificate you must upload both certificate and private key in the sophos XG firewall as shown in below image
After uploading private key it will be listed in concerned settings like user portal, VPN settings etc
Hope this article helps you