Use the Configuration > System > Certificates page to manage the certificate used by the appliance. This certificate is used by the web appliance to create secure connections with browsers for HTTPS scanning as well as the Administrative User Interface.

Note You can either provide your own certificate, or use the self-signed certificate provided with the web appliance.
On the Certificate Authority tab you can select from the following:
  • Original Sophos Certificate The original self-signed certificate provided with the appliance will expire soon. When it expires, the appliance will automatically switch to the new certificate. To prevent end-user warnings, download the new Sophos certificate using the link provided and deploy it to all users. Then, select New Sophos Certificate.
  • Sophos Certificate This option replaces the original Sophos certificate and is available only after you have switched to the new Sophos certificate.
  • Custom Certificate Use your own private key and signing certificate.
Note In the near future, Microsoft, Mozilla, and potentially other companies will begin to block or warn when using SHA-1 based certificates. You can use the new Regenerate Certificates button to switch the Sophos certificate to a more secure SHA-256 signature.