NET::ERR_CERT_AUTHORITY_INVALID

Question

Hello, 
 I'm testing Sophos XG again and I've got it up and running for the most basic parts (DNS, DHCP, internet). But on all my clients I'm getting certificate errors. 
 Chrome: 
 Your connection is not private. NET::ERR_CERT_AUTHORITY_INVALID. You cannot visit website.com right now because the website uses HSTS. 
 IE: 
 This site is not secure. 
 Error Code: DLG_FLAGS_INVALID_CA 
 I've searched all over and ran into others having this problem. I've added a number of certs and they don't work. I do notice that in Chrome if I add the 
 --ignore-certificate-errors flag I get errors telling me that it's not a supported flag and such and broken https links but the sites do load. Any help will be greatly appreciated.

Nnyan · Answer

So I found my answer. I actually had found half the answer a number of times but this finally fixed the issue for me. 
 Not sure what I am loosing by running XG like this but at least now XG is a viable product for me. Restarting the Tomcat service after disabling the micro-app scanning did the trick. 
 https://community.sophos.com/products/xg-firewall/f/firewall-and-policies/91425/disable-certificate-authority-web-proxy/359198#359198 
 disable the micro-app scanning from console: 
 system application_classification microapp-discovery off 
 and clear the browser's cache 
 If it does not work, restart Tomcat service from XG advanced shell: 
 service tomcat:restart -dsnosync