SSL Certificate expired

Hi Sylvain Poulin 

Could you please check this article for renewing SSL certificate for SGN Client-server communication. Let me know if it helps. 

Thank you Shweta for the answer.

I will give it a try. after reading the article, it seems i need to go through the same process as before.

i'll let you know

Hi - This solution doesn't really answer your question about renewal of the IIS cert, this is guidance for the initial setting up and binding. There IS guidance about renewal of the Company Cert (https://community.sophos.com/kb/en-us/116791) but I can't find any about IIS as you've asked. I have though logged a call with Sophos as I have the same query too and wish to resolve the same thing! If I get a reply I'll update you. I would like to imagine it "should" be as simple as a CSR on the server and installing the new cert - assuming nothing like hostname/DNS has changed! I have a mixed estate here (Mac AND Windows) so it's going to be a little more challenging as the cert resides on my Mac clients - but I'll keep you updated with what they advise!

Hello Michael,

indeed, i tried to do as mentioned but it didn't work.

i will place a call with Sophos because it is impacting all new user and the sync is not working anymore.

thanks for your reply

Ok i finally fixed the problem.

1. create a new certificate with Safeguard Certificate Manager.

2. Import it into your organization Trusted Root Certificates.

3. Export it again but from your Company certificates

4. import the certificate to Safeguard Server IIS.

5. Edit the Biding settings for HTTPS, select the new Certificate.

6. Install the Certificate on computers manually and / or push by GPO

7. Resync Safeguard Client on computer.

Ok i finally fixed the problem.

1. create a new certificate with Safeguard Certificate Manager.

2. Import it into your organization Trusted Root Certificates.

3. Export it again but from your Company certificates

4. import the certificate to Safeguard Server IIS.

5. Edit the Biding settings for HTTPS, select the new Certificate.

6. Install the Certificate on computers manually and / or push by GPO

7. Resync Safeguard Client on computer.

Well done - Good work. I'd still like Sophos's official line on this. I also have Mac clients so won't be quite so easy to push certs to them in the particular configuration we have!

I'd like to see it done with a CSR too, rather than a new cert.

Thanks for the update and well done again for sorting it!