This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Notifications of Global Verification CA expiration.

I started receiving notification on certificate expiration.
I found out it is DST Root CA X3 global verification CA.
I disabled this certificate, but still receive notifications.

How to delete this certificate correctly as there is no delete option in WebAdmin interface.



This thread was automatically locked due to age.
Parents Reply Children
  • Thanks for reporting back, Max!

    There was a problem with sites using an HTTPS certificate signed by the "ISRG Root X1" CA.  In the Americas, this was fixed on 9/30 and probably on 10/1 in the rest of the world.  My lab in Oklahoma and our UTM instance in AWS were both updated about 22:40, so I suspect your UTM was also updated.

    It was still necessary for me to restart the Proxy. You can disable/enable Web Filtering in WebAdmin or run the following command as root:

         /var/mdw/scripts/httpproxy restart

    If you're in the Americas and you want to see if your UTM was updated:

         zgrep 'package="cadata"' /var/log/up2date/2021/09/up2date-2021-09-30.log.gz

    In the rest of the world, I suspect it would be:

         zgrep 'package="cadata"' /var/log/up2date/2021/10/up2date-2021-10-01.log.gz

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA