Certificate authorities

You can add, download, update, and regenerate certificate authorities (CAs).

CAs are trusted entities that issue digital certificates, which verify the ownership of a user, host, or organization. Ownership is verified through a public key, the owner information, and a private key.

Sophos Firewall distinguishes between these types of CAs:
  • Internal: CAs that were created locally, such as the default CA (Default).
  • Built-in: External CAs that are available on Sophos Firewall, such as Verisign, Entrust, and Microsoft.
  • Uploaded: External or internal CAs that were uploaded to Sophos Firewall.

The default CA is automatically regenerated when it's updated.

The key icon Key icon indicates that you can use the CA for signing certificates.