The default Cato certificate used by the TLS Inspection policy and Threat Prevention engines was issued in 2015 and expires on Oct. 29, 2025 (in less than 250 days).
Earlier today, we sent a notification regarding the upcoming expiration of your TLS certificate. Unfortunately, that email contained incomplete instructions for resolving the issue. Please disregard the previous message and follow the correct guidelines outlined below.
If TLS Inspection is not enabled for your account, no action is required.
If TLS Inspection is enabled, to ensure uninterrupted service, please complete the following steps in your Cato Management Application before the expiration date:
- Complete the required prerequisites on every device in scope for the TLS inspection policy.
- Activate the new Cato Certificate or upload a new valid custom certificate to the Security > Certificate Management page.
After October 29, 2025, customers who did not activate a new certificate will experience the following issues:
- TLS Inspection will not function properly.
- Threat Prevention services will be unable to inspect TLS-encrypted traffic.
- Users may encounter difficulties accessing HTTPS resources.
For detailed instructions, please refer to the New Default Cato Certificate FAQ guide. If you have any questions or need assistance, our support team is available to help.
We apologize for any confusion caused by the earlier communication.
0 comments
Please sign in to leave a comment.