Sophos Ideas / Sophos Mobile

Sophos Mobile

Suggest, discuss, and vote on new ideas for Sophos Mobile. Countless devices, one solution.

Suggest an Idea...

← Sophos Mobile

Let's Encrypt SSL autodiscover

3 votes
Sign in
(thinking…)
Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
Forgot password?
Create a password
Signed in as (Sign out)
Close
Close

We’ll send you updates on this idea

FSD shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

3 comments

Sign in
(thinking…)
Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
Forgot password?
Create a password
Signed in as (Sign out)
Close
Close
Submitting...
An error occurred while saving the comment
  • FSD commented  ·   ·  Flag as inappropriate

    Right now we are using an Nginx reverse proxy in front of the Sophos server.

    Let's encrypt SSL certificates are updated automatically every 3 months with no interaction of the administration.
    The problem is that Sophos does not recognize the new certificate that the Nginx reverse proxy is using.

    The result is that *all* our mobile devices cannot connect anymore and causes an error every time the screen is unlocked (on Android devices).

    Even worse, the Sophos Secure Mail doesn't work any more. So if we forget to login to Sophos and manually import the certificate it will break all clients for us.
    So basically what we are asking is to somehow automate the certificate import via cron or some other process since the functionality is already there.

  • Thomas Beinicke commented  ·   ·  Flag as inappropriate

    Right now we are using an Nginx reverse proxy in front of the Sophos server.

    Let's encrypt SSL certificates are updated automatically every 3 months with no interaction of the administration.
    The problem is that Sophos does not recognize the new certificate that the Nginx reverse proxy is using.

    The result is that *all* our mobile devices cannot connect anymore and causes an error every time the screen is unlocked (on Android devices).

    Even worse, the Sophos Secure Mail doesn't work any more. So if we forget to login to Sophos and manually import the certificate it will break all clients for us.
    So basically what we are asking is to somehow automate the certificate import via cron or some other process since the functionality is already there.

  • FSD commented  ·   ·  Flag as inappropriate

    Hi Thomas,

    setup -> sophos-setup -> SSL/TLS

    "Auto-discover certificate(s)" must be triggered manually. Can this feature be automated?

Sophos Mobile: Sophos Mobile Security

Categories

Feedback and Knowledge Base

(thinking…)
icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.