Hello,
I'm helping some families setup filtering boxes using the 50 user home license and I'm wondering if there is a more user-friendly way of handling full SSL scanning. I can import the certificate Sophos generates into the browser (Firefox) and it works reasonably well but certain sites still don't like that they are being intercepted by a self-generated certificate. Just as an example, Google requires users to fill CAPTCHAs almost constantly in order to do basic searches.
StartSSL offers free level 1 certificates and NameCheap offers something similar from Comodo for about $10. Since these certificates would be generated by CAs that Google trusts, I assume some of these annoyances would disappear.
Has anyone attempted something like this? Are there other solutions to this problem that I am overlooking?
Alternatively, scanning the URL of SSL enabled sites is an option but I'm wary of the effectiveness of this. Can anyone comment on how thorough this is in comparison to properly configured deep SSL scanning?
Thanks for any help!
This thread was automatically locked due to age.
