I found problem in MR3 (working fine in previous release MR-1-Build396)
When user access to Blocked or Warn web Sophos just use default certificate instead of selected one and also didn't issued to valid firewall host namev18 MR1 is work fine it just use Cert that I configured in "Admin console and end-user interaction" menu
SSL interception and user portal still use correct certificate
Hi Tanapol Euaungkanakul, I also experienced this issue as reported here. You could try changing the Web proxy scanning mode from batch to real-time and back again and see if that helps.
Any update on this I also have a CaseNumber:03248790
Hi Tanapol Euaungkanakul,
Apologies for the delays in getting back to you.
Can you check which certificate is selected at Web > General settings > HTTPS decryption and scanning > HTTPS scanning certificate authority(CA)?
Community Support Engineer | Sophos Technical SupportSupport Videos | Product Documentation | @SophosSupport | Sign up for SMS Alerts If a post solves your question use the 'Verify Answer' button.
It set correctly,
HTTPS decryption also work correctly just Blocked or Warn page that not using this cert.
Which Cert is used for UserPortal?
a valid wildcard cert.
and UserPortal in MR3 use this cert. correctly.
Hi, Rhys Goodwin I will try that on off-business hours
For me changing between batch and real-time won't work
Changing to other cert also won't work Sophos just keeps sending wrong cert. to block/warn page.
You guys all use a own certificate, not the sophos certificate. Is this a CA or a "normal" certificate? Is it a wildcard? Can we try to find a matching pattern?
I'm using a cert generated with the XG interface made out to the host name of XG.
The XG interface describes it has a self-singed cert which I don't feel is accurate because it is actually not self-signed but rather signed by the device CA cert: