This article provides the steps on how to update the SSL certificate that the SMC server is using when it connects to the Sophos Mobile Control web console. The following sections are covered:
Applies to the following Sophos product(s) and version(s) Mobile Control
Note: This article assumes that a renewed SSL certificate was retrieved from a Certification Authority. The article does not cover a Reverse Proxy being in place in your environment which might be acting as SSL endpoint for clients.
Be aware: It's recommended to upload the public part of the new SSL certificate to the Sophos Mobile server upfront following the procedure mentioned in the Updating SSL certificate hash for Sophos Mobile client apps section. Instead of using the Auto-discover certificate(s) button the public part of the certificate file must be selected and uploaded. If the Sophos SSL Certificate Wizard is used to create the SSL certificate the required file can be found in the PEM from CA folder.
To successfully update the certificate, follow the steps below.
Updating SSL certificate hash for Sophos Mobile client apps
Once the SSL certificate is renewed, make sure to update the SSL tab within the Sophos Mobile Control super administrator account at Setup > Sophos setup. Otherwise, the Sophos Mobile Control apps will show Error 2033 when trying to synchronize with the Sophos Mobile Control server
To do so, follow these steps:
Note: In case customer have only received a .crt and .p7 file from their Certification Authority. In this scenario, the customer will need to use the .crt file in combination with the private key to manually create the required .pfx / .p12 file by using OpenSSL.
If you've spotted an error or would like to provide feedback on this article, please use the section below to rate and comment on the article. This is invaluable to us to ensure that we continually strive to give our customers the best information possible.
Every comment submitted here is read (by a human) but we do not reply to specific technical questions. For technical support post a question to the community. Or click here for new feature/product improvements. Alternatively for paid/licensed products open a support ticket.