Change Client Authentication Certificate

community.sophos.com/utm-firewall/f/web-...tication-certificate

After playing around with the CC command I was able to:

Change the CA to the one set up under Remote Access > Certificate Management > Certificate Authority.

Change the cert to a new one under Remote Access > Certificate Management > Certificates.

Probably not supported, however:

ssh as loginuser

# su -
# cc
127.0.0.1 MAIN > endpoint
127.0.0.1 MAIN endpoint > aac
127.0.0.1 MAIN endpoint/aac > ca$

This will list the current CA and the REF name
Press tab key twice to display all CA references installed on the UTM

Set the CA to another one on the system:
127.0.0.1 MAIN endpoint/aac/ca > =REF_CaSig{WHATEVER THE REFERENCE NAME IS}

Output should display:
result: 1

127.0.0.1 MAIN endpoint/aac/ca > ..
127.0.0.1 MAIN endpoint/aac > cert$

This will list the current cert and the REF name
Press tab key twice to display all cert references installed on the UTM

Set the cert to another one on the system:
127.0.0.1 MAIN endpoint/aac/cert > =REF_CaHos{WHATEVER THE REFERENCE NAME IS}

Output should display:
result: 1

127.0.0.1 MAIN endpoint/aac/cert > exit

I then installed the SAA under Windows and chose not to install the certificate at install (Sub CA is already installed as part of GPO).

Ran the SAA program and it works!

Now the tricky part is trying to get it to work under OS X. May have to play around with Keychain a bit more.

The change to the CA and cert seems to survive restarts as well.

Hope this may help someone.
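
A pre-check for the swap described in the post above, as an added example that is not part of the original post or Sophos tooling: before pointing endpoint/aac at a different CA and certificate, confirm that the certificate really chains to that CA and is not about to expire. It assumes both have been exported as PEM files; every file name, subject and certificate below is constructed.

```shell
#!/bin/sh
# Added example. All names and certificates are constructed placeholders.

# chain_ok CA_PEM CERT_PEM: exit 0 only if CERT_PEM verifies against CA_PEM
# alone (system trust directory ignored) and stays valid for 30 more days.
chain_ok() {
    openssl verify -no-CApath -CAfile "$1" "$2" >/dev/null 2>&1 &&
    openssl x509 -in "$2" -noout -checkend 2592000 >/dev/null 2>&1
}

# make_ca DIR NAME: throwaway self-signed CA used as sample input.
make_ca() {
    openssl req -x509 -newkey rsa:2048 -nodes -days 365 -subj "/CN=$2" \
        -keyout "$1/$2.key" -out "$1/$2.pem" 2>/dev/null
}

# make_cert DIR CA_NAME CERT_NAME: sample certificate issued by CA_NAME.
make_cert() {
    openssl req -newkey rsa:2048 -nodes -subj "/CN=$3" \
        -keyout "$1/$3.key" -out "$1/$3.csr" 2>/dev/null &&
    openssl x509 -req -in "$1/$3.csr" -CA "$1/$2.pem" -CAkey "$1/$2.key" \
        -CAcreateserial -days 90 -out "$1/$3.pem" 2>/dev/null
}

# demo: one certificate checked against its real issuer and against an
# unrelated CA. Echoes the two verdicts.
demo() {
    d=$(mktemp -d) || return 2
    make_ca "$d" sub-ca && make_ca "$d" other-ca &&
        make_cert "$d" sub-ca utm-aac || { rm -rf "$d"; return 2; }
    chain_ok "$d/sub-ca.pem" "$d/utm-aac.pem" && a=match || a=mismatch
    chain_ok "$d/other-ca.pem" "$d/utm-aac.pem" && b=match || b=mismatch
    rm -rf "$d"
    echo "$a $b"
}

# With two arguments, check real exported files; with none, run the demo.
if [ "$#" -eq 2 ]; then
    if chain_ok "$1" "$2"; then echo "match"; else echo "mismatch"; exit 1; fi
elif [ "$#" -eq 0 ]; then
    demo
fi
```

A "mismatch" verdict on the exported files means clients that trust only the chosen CA would reject the certificate after the change.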