For example
openssl s_client -connect www.sophos.com:443 -servername www.sophos.com
In this case, No decryption. It is normal.
openssl s_client -connect www.sophos.com:443
In this case, decryption.
I think it's because there is no SNI (Server Name Indication).
The Common Name of the certificate is www.sophos.ccom. "sophos.com" is included in the "Managed TLS exclusion list".
In this case, there should be No decryption. Is this wrong?
If the client does not send the SNI, I want XG to use the Common Name.
Is KB-000035867 invalid?
support.sophos.com/.../KB-000035867
I also want XG to output the Common Name in the log.
This thread was automatically locked due to age.
