This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

SSL Key Regeneration

I've got a client who's RED SSL key is only 1024 bits long.  They are being audited for PCI compliance and the scans are finding this and causing them to fail.  I opened a ticket with Sophos who told me that there is no way to regenerate the key.  This sounds completely wrong to me.  Can someone from higher up than the (worsening) tier 1 support confirm this for me?

If there really is no way to regenerate the keys, how on earth are people supposed to run these devices and remain PCI compliant?  Is bad enough you can't install 3rd party certs on the VPN or RED services...


This thread was automatically locked due to age.
Parents Reply Children
No Data