The Sophos Community will be unavailable from 13:00 to 18:00 UTC this Saturday, October 1st for upgrades. Stay tuned to our Twitter account @SophosSupport for updates.
This article provides information on how to renew a self-signed user certificate (created by SafeGuard Enterprise) that is about to expire.
In SafeGuard Enterprise, user certificates are valid for five years by default (this value can be modified). As soon as the certificate expires, an authentication of that user at the POA will not be possible anymore and requires a Challenge/Response at every boot.
To circumvent this, a certificate renewal must be triggered in the SafeGuard Enterprise Management Center.
Applies to the following Sophos product(s) and version(s) SafeGuard Management Center / Local Policy Editor
What to do
To verify that the renew process was successful, you can go to the SafeGuard Enterprise Management Center under “Keys and Certificates” | “Certificates” |“Assigned certificates” and see the new date set in the "Expires" column.
You can also see this new date set from the client by "Right Clicking" on the SafeGuard System Tray icon and selecting "Display" | "User certificate...".
Every comment submitted here is read (by a human) but we do not reply to specific technical questions. If you need technical support please post a question to our community. Alternatively for licensed products open a support ticket.