If you are running Sophos Protect for Linux and your updates no longer run on it since the Oct 2022 update aka release 2022.4, there's a relatively easy fix.
Seems they set it to verify certificate authority from /etc/pki/tls/cert, which is a redhat default, so youshould be able to softlink existing CA to it.
example on suse.
ln -s /etc/ssl/ca-bundle.pem /etc/pki/tls/certs/ca-bundle.crt
This thread was automatically locked due to age.