The server certificates for the rule update servers used by Messaging Gateway and Messaging Gateway for Service Providers will be renewed on May 1, 2020. Following the server certificate change, neither SMG 10.6.5 and earlier or SMG-SP will be able to access rule updates or SMG software updates from the aztec.brightmail.com or swupdate.brightmail.com servers.
You will see an error, "Connection error 60: SSL certificate problem: unable to get local issuer certificate" when trying to install a license file or download definitions.
Release : SMG 10.6.5 or earlier, SMG-SP systems which have not updated their trusted CA bundle
After the certificate change there is no resolution for SMG versions 10.6.5 or earlier. Customers attempting to update following the server certificate change will need to do a clean install of a supported SMG release (10.7.x) and re-enter any custom rules or groups which have been created.
Due to schema changes, there is no supported mechanism by which a backup of 10.6.5 or earlier can be imported into a SMG 10.7 installation. Some configuration entities such as Certificates, Trusted Certificate Authorities, Application / API certificates and Good / Bad Senders lists can be exported from earlier releases and imported into SMG 10.7.
Messaging Gateway for Service Providers may be updated to use the new trusted certificate authority bundle (trusted.cert.gz) attached to this knowledge base as follows: