Skip to content

Page permalink

Always use the following permalink when referencing this page. It will remain unchanged in future help versions.

https://docs.sophos.com/support/surf/en-us/index.html?contextId=sf-low-expired-certificate

Expired Certificate

Low

Explanation

If an expired certificate is used for HTTPs, administrators can't be assured of the connection security. The sessions could be compromised including being subject to a MITM (man-in-the-middle) attack. The SFOS offers a selection of automatic update intervals.

Resolution

If a CA expires or is compromised, your firewall can regenerate it. To regenerate a CA, do as follows:

  1. Go to Certificates > Certificate authorities.
  2. To regenerate the default certificate, go to the Manage column and click Regenerate certificate.

Related information