This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

HTTPS scanning Web Protection SSL error ERR_CERT_COMMON_NAME_INVALID

Hi

After Google has updated Chrome, we now have problems accessing websites with SSL.

HTTPS Scanning is enabled on the Sophos UTM and the problem seems to be that Chrome no longer accepts an empty DNS name in the SSL certificate presented in the browser.

Does anyone have a solution to this?

I guess that the best solution would be for Sophos to change the way they generate the "Man in the middle" certificate so that the website URL is listed in the DNS (or SAN) in the certificate.

Anyone?

Kind regards

Karsten Stolten



This thread was automatically locked due to age.
Parents Reply
  • Surely Sophos have had an idea that this was going to cause a problem?  Google have had this planned for months from what I can see, so how does a company as big as Sophos not patch their products in good time, to resolve any issue?  We shouldn't have to resort to changing group policy settings to implement a workaround.

Children
  • colly72 said:

    Surely Sophos have had an idea that this was going to cause a problem?  Google have had this planned for months from what I can see, so how does a company as big as Sophos not patch their products in good time, to resolve any issue?  We shouldn't have to resort to changing group policy settings to implement a workaround.

     

    To be fair, you can find evidence of this hitting any major filtering provider you care to think of. Its not just Sophos being lazy ;)

  • Maybe it's a criticism of the industry as a whole then.  Still doesn't cover Sophos in much glory.