9.715, fw-notify.net not reachable after regenerating signing CA cert

Question

Running 9.715 
 My HTTPS signing CA cert was due to expire in the next 30 days so I regenerated the cert: Web Protection / Filtering Options / HTTPS CAs / Regenerate 
 After doing this internal hosts were not able to retrieve the new cert from http://passthrough.fw-notify.net/cacert.pem, connections time out 
 I have done the following but nothing resolves the issue: 
 1) Uploaded the original cert to the UTM 
 2) Didn't find any clues in the logs 
 3) Regenerated another new cert 
 4) Rebooted 
 5) Waited overnight for some magic to happen... ;-} 
 At this point I'm stumped and am looking for help to resolve this. 
 --Larry

Fahnoe · Accepted Answer

I just rolled back to 9.714 and found that the same timeout on http://passthrough.fw-notify.net/cacert.pem which was not what I was expecting. Turns out that the system I was using to test pulling the new CA cert was routing through a *different* firewall which didn't know anything about Sophos' fw-notify.net... 
 So, this is clearly a self-inflicted wound. I am sorry to have wasted anyone's time on it. 
 --Larry

9.715, fw-notify.net not reachable after regenerating signing CA cert

Top Replies