Windows issues following Core Agent 2.7.6 and Intercept X 2.0.17 update. See KBA 135504 for more information.
We'd love to hear about it! Click here to go to the product suggestion community
Dear ladies and gentlemen,
I would like to use the Sophos XG in transparent email scan mode, but the local anti-virus software (Kaspersky) complains that the (man in the middle) certificate issued by Sophos for the email server was issued with too weak an encryption algorithm.Signature algorithm is sha1, I think sha256 would be betterand the public key is only 1024 bits long, better would be at least 2048.Just like Sophos does when re-encrypting SSL connections.All this would only be a minor problem internally, but I can't disable the re-scan on the client machines, because they are also used outside the secured network.Can you raise the security standards here and issue the POP3, IMAPS and SMTPS certificates with longer keys and better signature algorithm?
Thanks in advance
I think this is possibly being addressed in v18 MR1, but don't hold me to it and I would suggest to submit a support request so that a real case is created.
In reply to rfcat_vk:
Ok i submitted a support request - #9783215