If you are running Sophos Protect for Linux and your updates no longer run on it since the Oct 2022 update aka release 2022.4, there's a relatively easy fix.
Seems they set it to verify certificate authority from /etc/pki/tls/cert, which is a redhat default, so youshould be able to softlink existing CA to it.
example on suse.
ln -s /etc/ssl/ca-bundle.pem /etc/pki/tls/certs/ca-bundle.crt
Thanks for posting about this.
You can find additional information in the following Recommended Read article. - Sophos Protection Linux - Update Support when upgrading on Unsupported Platforms