This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos Web Appliance - HTTPS Scanning, Third Party Certificate

Is it possible to import a third party certificate (Entrust, VeriSign, DigiCert) into the Sophos Web Appliance, and use it for HTTPS Scanning? If so, does anyone know how to generate a CSR for the Sophos Web Appliance, maybe using OpenSSL?

This thread was automatically locked due to age.

0 PetrBenda over 11 years ago

Hello MoreCowbell,

You can upload a certificate for https scanning, but it needs to be a Certificate Authority (signing certificate). You won't be able to buy one online I'm afraid - becoming an intermediate CA is a pretty complex and expensive process.
So to use the feature you have to generate your own root CA, which will still need to be added to the browser manually. This is mainly useful if you already have your own CA trusted in the web browser. Otherwise, there isn't much benefit over using the default CA on the appliance.
Fortunately, you can push out the web appliance CA (or your own CA) via group policy to make things easier:
http://www.sophos.com/en-us/support/knowledgebase/42153.aspx
Hope this clears things up.
Petr
:39803
Cancel
Vote Up 0 Vote Down

Cancel