Compatibility CAA - Mac Catalina - bug

Installing Sophos Client Authentication agent on Mac Catalina, the client is not usable as the "server is not trustworthy"

I am not able to add the certificate der file inside shared folder.

CAA version is 2.0.0, downloaded from XG v18 Client Authentication menu

 

Regards

  • In reply to rfcat_vk:

    Do you have the issue with 17.5.9 only with Catalina or also with earlier versions?

  • In reply to Sivu:

    Hi Sivu,

    I  only have  issues with mail scanning on Catalina, HTTPS scanning works. I am still investigating my iPhone https scanning, the iPad works with https scanning.

    I have been concentrating on getting an v18 EAP box working.

    Ian

  • In reply to rfcat_vk:

    Hi Ian,

     

    I was referring exclusively to the Authentication Agent, if there are any issues authenticating against different XG versions from different macOS versions.

     

    Sivu

  • In reply to Sivu:

    Hi Sivu,

    I don't use the authentication agent. I made the wrong assumption about the abbreviation CAA, my apologies.

    Ian

  • In reply to Sivu:

    Hi, i have the issue with catalina in 17.5.6 and 17.5.9. With macOS Versions lower Catalina there is no problem with the Auth Agent.

  • In reply to 4ng3er:

    4ng3er,

    I shared the XG connection and he identified the issue. It is a known bug and will be fixed. Stay tuned!

  • In reply to 4ng3er:

    So that we are all on the same page: there are 2 issues happening at the moment. 

    1. The CAA installer on macOS Catalina does not work, because the certificate cannot be drag-and-dropped inside the Shared folder. As a workaround, one can use Finder to manually copy the .der file into Shared folder.

    2. Some macOS and XG setup combinations have a trust issue, meaning the user will see an error message "Server is not trustworthy!" after which the CAA terminates.

     

    As of now, Catalina works with v17.5 and v17.5.9, but does not work with v18. Therefore I assume you are having issue no.1 and not 2. Is this correct or are you referring to no. 2 ?

  • In reply to 4ng3er:

    Client Authentication Agent.zip

     and everyone else, the macOS agent is fixed and will be released in the upcoming days, after some more testing. I've also attached it here in case someone needs it earlier.

    Thanks everybody for the detailed reports of the issue. Reference ID is NC-51749.

  • In reply to Sivu:

    Thanks Sivu.

    I download the CAA and trying to execute it, same error arises....

  • In reply to lferrara:

    I am here to provide more logs. Let me know via PM. Thanks

  • In reply to lferrara:

    Just an update for everyone:

    I have been in contact with  and Sophos found the issue and is now working on release a package that works on MAC Catalina 10.15.1.
    Thanks Sivu for your fast support.

    Stay tuned!