OPERATIONAL DEFECT DATABASE
...
...
macOS Ventura 13.0 and higher no longer accept SSL connections to untrusted self-signed certificates. macOS users who connect to WatchGuard Mobile VPN with SSL servers by IP address or who use a self-signed certificate receive a connection error and cannot connect.
Solution (Recommended): We recommend that you install a CA signed SSL certificate and configure Mobile VPN with SSL to connect to the matching host name, instead of using the default Fireware Web CA.For information on how to generate and install a CA signed certificate, go to Create a Certificate CSR and Import and Install a Third-Party Web Server Certificate. You can also watch the Resolve Firebox Certificate Warnings video tutorial. Workaround: If you cannot install a CA signed SSL certificate, follow these steps to add the Firebox Web Server certificate as a trusted SSL certificate to your local keychain. Connect to your Firebox with the Mobile VPN with SSL Client. When the Verify Certificate dialog box appears, do not click Continue.In the Verify Certificate dialog box, click Show Certificate and select the Always Trust check box. Click Continue. At this point, you should be able to connect to the VPN. If you do not see the Verify Certificate dialog box when you connect, click the WatchGuard logo in the upper-right application tray, then select Quit to fully close the VPN client. Relaunch the Mobile VPN with SSL Client and try to reconnect. You should now see the dialog box.If you want to pre-load the certificate, export the Web Server certificate from the Firebox, import it to your keychain, then use these steps provided by Apple to manually update the trust settings: https://support.apple.com/guide/keychain-access/change-the-trust-settings-of-a-certificate-kyca11871/11.0/mac/13.0
WatchGuard Technologies Integration
Learn more about where this data comes from
Bug Scrub Advisor
Streamline upgrades with automated vendor bug scrubs
BugZero Enterprise
Wish you caught this bug sooner? Get proactive today.
