3CX DLL-Sideloading attack: What you need to know
Hi everyone!
We are using a Sophos XGS2300 (SFOS 19.0.1 MR-1).
We uploaded a pfx-certificate to the WAF which specifically included only the webserver certificate itself and its intermediate certificate.
But, when we check the site with a tool like https://www.ssllabs.com/ssltest/ we see that the server (e.g. the Sophos Firewall) also sends the root certificate. Which is not what we want and which we don't see when we check sites like microsoft.com.
Are we correct to assume that this is done by the XGS? Is that intentional? Is there a way to circumvent this?
Thanks!
Best regards,
Markus
Hi Markus Quirmbach
You may refer to the below KBA:
https://support.sophos.com/support/s/article/KB-000036242?language=en_US
Thanks and Regards
"Sophos Partner: Infrassist Technologies Pvt Ltd".
If a post solves your question please use the 'Verify Answer' button.
Hi, thanks for your answer!Unfortunately, the KBA does not include my problem. But thanks anyway, it might be a good guide for future issues!