We're currently running 188.8.131.52 across all web appliances / single management appliance (it's been stable, we've had random issues in the past and do not update unless a specific reason forces us to..).
Today we experienced https scanning issues with some sites. All sites scanned through SSL Labs showed an expired cert 30th May 2020. Relating to this article:-
Has anyone else had https inspection issues today on later firmware versions 4.3.9, 184.108.40.206 or 4.3.10 ??
Does the following bug fix listed in 4.3.9 release notes cover this specific issue?
The trusted CA certificates used for certificate validation have been updated.
Does updating to later versions replace the appliance cert used for https inspection?
Interested in comments from Sophos dev team if they are on this channel.
Thanks in advance!
Response from support ticket
02/06/2020 14:30 BST
The issue related to certificate error for sites using sectigo/comodo in their Certificate path is being investigated by our Dev team and will provide feedback as soon as we have an update.