Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 4 replies
  • Subscribers 1 subscriber
  • Views 1369 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

The Big PKI and certificates

pappaous
I have the free software only version of Astaro Gateway 7.04.

I noticed on many websites where frontend certificates are not getting authenticated. Hotmail, now IE7.0.60001.180000 now states the website certificate is invalid, where in bypass, it does not complain. I found this on many of the authenticated sites I go to. I have cleaned up my local certificates that expired, I know most people dont even look. Also the WebAdmin IE complaints about certificates does not go away. I do not have backend authentication methods setup like AD, Radius, etc. Is this what is missing and a domain registration + purchased certificate? What is the poorman's solution? Any ideas? suggestions?
Pappaous[H]


This thread was automatically locked due to age.
Parents
  • 0
    Hi, pappaous, welcome to the Astaro User BB.  It sounds like you have a strong IT secruity background, so I look forward to your contributions here.  I don't think you'll get much response to this thread.  There are way too many questions in it.  The most successful threads here are ones that ask a simple question or that present a straight-forward scenario.

    In partial answer to your questions, your Astaro package came with about 130 Global Verification CAs.  No more will be added unless you add them explicity, and the CAs on other devices (including Astaros) are never consulted.  If you see a CA that you don't want considered, just click on the switch beside it to turn it off.

    Here are two other threads that might help you understand how the MitM HTTPS proxy works in the Astaro.  

    https://community.sophos.com/products/unified-threat-management/astaroorg/f/55/t/43992

    https://community.sophos.com/products/unified-threat-management/astaroorg/f/95/t/66978

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson
    Sir, You are ausome. Thank you for those links. I beleive there is enough to construct the complience directions and choice Astaro. I hope I have enough to make a contribution.

    Pappaous
Reply Children
No Data