Let's Encrypt SSL autodiscover
FSD
shared this idea
AdminThomas Lippert
(Principal Product Manager - Mobile, Sophos Features & Ideas Laboratory)
responded
Can you please elaborate a bit more about your requirement. The current description is too short
3 comments
-
FSD
commented
Right now we are using an Nginx reverse proxy in front of the Sophos server.
Let's encrypt SSL certificates are updated automatically every 3 months with no interaction of the administration.
The problem is that Sophos does not recognize the new certificate that the Nginx reverse proxy is using.The result is that *all* our mobile devices cannot connect anymore and causes an error every time the screen is unlocked (on Android devices).
Even worse, the Sophos Secure Mail doesn't work any more. So if we forget to login to Sophos and manually import the certificate it will break all clients for us.
So basically what we are asking is to somehow automate the certificate import via cron or some other process since the functionality is already there. -
Thomas Beinicke
commented
Right now we are using an Nginx reverse proxy in front of the Sophos server.
Let's encrypt SSL certificates are updated automatically every 3 months with no interaction of the administration.
The problem is that Sophos does not recognize the new certificate that the Nginx reverse proxy is using.The result is that *all* our mobile devices cannot connect anymore and causes an error every time the screen is unlocked (on Android devices).
Even worse, the Sophos Secure Mail doesn't work any more. So if we forget to login to Sophos and manually import the certificate it will break all clients for us.
So basically what we are asking is to somehow automate the certificate import via cron or some other process since the functionality is already there. -
FSD
commented
Hi Thomas,
setup -> sophos-setup -> SSL/TLS
"Auto-discover certificate(s)" must be triggered manually. Can this feature be automated?
