This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

WEB Protection certificate expired message for lets encrypt certificates

Hello,

we use the sophos Web Protection with SSL scanning enabled. Since today afternoon we get a "certificate expired" message for websites secured with lets encrypt certificates.

i researched a bit and found out that today a root certificate of lets encrypt expired. i deleted the lets encrypt x3 and r3 CA certificates under Web Protection -> Filtering options->HTTPS CAs. And also deactivated the ISRG Root X1 certificate. Then restarted the Web Protection by toggling the Button under "Web Filtering". The issue still persists.

I also tried to clear the cache under Web Protection -> Filtering options->Misc. with no effect.

a website that is affected for example:https://letsencrypt.org/de/certificates/.org

other websites work quite well.

can someone help?



This thread was automatically locked due to age.
Parents
  • Turn off the following CA from Web Protection, Filtering Options, HTTPS CAs:

    • Digital Signature Trust Co. DST Root CA X3

    Restart the httpproxy service.

    • SSH to the UTM
    • sudo su
    • /var/mdw/scripts/httpproxy restart

    (or just reboot the UTM)

    Seemed to do the trick for us.

Reply
  • Turn off the following CA from Web Protection, Filtering Options, HTTPS CAs:

    • Digital Signature Trust Co. DST Root CA X3

    Restart the httpproxy service.

    • SSH to the UTM
    • sudo su
    • /var/mdw/scripts/httpproxy restart

    (or just reboot the UTM)

    Seemed to do the trick for us.

Children