
Best practices with https certificates

I have Exchange, web servers, and other applications like Jabber all published through the WAF.  On each application, I have to configure an SSL certificate, then export it, and import it into Sophos to use on the Virtual Webserver.  There are two certificates for every application.  It's a tedious, slow process to configure each site, and maintain them as they come up for renewal.

My question is, is there a better way, or is this the only way to do it?  It seems like in a perfect world Sophos would have the certificate on it, then would pass authentication in the backend to the web servers and Exchange servers, with no cert needed on the backend.  But I haven't seen any docs or talk about this, or if it would break finicky applications like Exchange.  I can't go playing around with it much or I'll kick active users off.

So, what do you all do?



This thread was automatically locked due to age.
  • I do use their SAN certs for my several servers, and I tried to use one for everything.

    It did not work, and I cannot remember the reason.

    You are right, it seems like it should.  I may revisit this sometime.

  • I am using it for one cert supporting two host names.  It works fine.  When you request the cert, you just list multiple domains.  Unlike a true wildcard, you have to request a new certificate if you add to the list of SANs.  However, when using WAF, you really don't HAVE to use lots of different host names.  Just use site path routing.
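
Added example, not part of the original thread or any poster's code: a small check of which published hostnames a certificate's SAN list actually covers, so you can tell before publishing a new virtual web server whether the certificate has to be reissued. The hostnames and SAN lists are constructed for illustration, and the wildcard rule assumed is the usual one where `*` covers exactly one leftmost label.

```python
# Added example: all hostnames and SAN entries below are constructed.

def san_matches(san: str, host: str) -> bool:
    """Return True if one SAN entry covers the hostname.

    A wildcard entry covers exactly one leftmost label, so
    *.example.com matches mail.example.com but neither example.com
    nor www.apps.example.com.
    """
    san, host = san.lower().rstrip("."), host.lower().rstrip(".")
    if not san.startswith("*."):
        return san == host
    suffix = san[1:]                      # e.g. ".example.com"
    if not host.endswith(suffix):
        return False
    left = host[: -len(suffix)]           # the part the wildcard must cover
    return bool(left) and "." not in left


def uncovered(sans, published_hosts):
    """Return the published hostnames that no SAN entry covers."""
    return [h for h in published_hosts
            if not any(san_matches(s, h) for s in sans)]


# Constructed SAN lists for two candidate certificates on the WAF.
SAN_CERT = ["mail.example.com", "autodiscover.example.com"]
WILDCARD_CERT = ["*.example.com"]

# Constructed hostnames of the virtual web servers behind the WAF.
PUBLISHED = ["mail.example.com", "autodiscover.example.com",
             "jabber.example.com", "www.apps.example.com"]

if __name__ == "__main__":
    print("SAN cert misses:     ", uncovered(SAN_CERT, PUBLISHED))
    print("Wildcard cert misses:", uncovered(WILDCARD_CERT, PUBLISHED))
```

Any hostname reported as missed needs either a reissued certificate with that name added or, as suggested above, publishing under an already covered hostname with site path routing.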