Could you please install the required Root CAs for your own services on all Sophos Security devices?
See here: https://download.astaro.com which is linked on the Web GUI of SG is blocked by XG web filter
Of course I can work around that but it is some kind of ugly if I see such issues within the Sophos product family.
2021-05-06 18:22:40SYSTEMmessageid="17917" log_type="Event" log_component="HTTPS" log_subtype="System" dst_ip="52.19.29.214" message="HTTPS access is denied due to invalid server certificate. Disable "Block invalid certificates" from "Web -> General Settings -> HTTPS Decryption and Scanning" to access HTTPS site '">https://download.astaro.com/'" user_agent="" status_code="403" sentbytes="0"
This thread was automatically locked due to age.
Quote