This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Best practices with https certificates

I have Exchange, web servers, and other applications like Jabber all published through the WAF.  On each application, I have to configure an SSL certificate, then export it, and import it into Sophos to use on the Virtual Webserver.  There are two certificates for every application.  It's a tedious, slow process to configure each site, and maintain them as they come up for renewal.

My question is, is there a better way, or is this the only way to do it?  It seems like in a perfect world Sophos would have the certificate on it, then would pass authentication in the backend to the webservers and exchange servers, with no cert needed on the backend.  But I haven't seen any docs or talk about this, or if it would break finicky applications like Exchange.  I can't go playing around with it much or I'll kick active users off.

So, what do you all do?



This thread was automatically locked due to age.