To import system policies (e.g. to deactivate the GINA chain repair mechanism) on a SafeGuard Enterprise Client, the system policy must be signed with the company certificate of the SafeGuard Enterprise Database first.
Known to apply to the following Sophos product(s) and version(s)
SafeGuard Management Center
What To Do
To sign a file with the SafeGuard Enterprise Company Certificate, open the SafeGuard Enterprise Management Center and authenticate with a Security Officer who is allowed to open the "Options" dialog and has the right to sign files with the SafeGuard Enterprise Company Certificate.
Within the SafeGuard Enterprise Management Center, open the Options dialog by navigating to "Tools" -> "Options" and select the "Certificates" tab.
Click on "Sign File for Policy Cache..." and choose the file that should be signed with the SafeGuard Enterprise Company Certificate.
A dialog box will confirm the signing process of the file:
The new signed file will be placed to the same location as the source file and will be named %original_file_name%_signed.xml.
Example: When signing a source file called "deactivate_ginachainrepair.xml", the signed file will be named "deactivate_ginachainrepair_Signed.xml" and could now be used to import into a SafeGuard Enterprise Client.