McAfee’s product line uses TLS for secure communication. Two certificates validate McAfee TLS chains: a primary expiring in 2038 and a secondary expiring on May 30, 2020. If either certificate (or both) is present in a customer's environment, TLS will function correctly prior to May 30, 2020. After May 30, 2020, only the primary certificate will be valid. Out of an abundance of caution, McAfee is informing customers.
Generally, certificates are auto-updated through operating systems, and customers will not be impacted. However, in environments where automatic management of root certificates is disabled and the primary certificate has not been manually deployed, customers will potentially be impacted. KB92937 provides information on how to verify and/or install the primary certificate.
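The following PowerShell audit is an added example, not McAfee's own tooling or the KB92937 procedure. It checks a Windows host for the combination described above: root auto-update disabled by policy and the primary certificate missing from the machine root stores. The thumbprint is a placeholder to be replaced with the value from KB92937; the variable names are illustrative.

```powershell
# Placeholder (assumption): replace with the primary certificate's thumbprint from KB92937.
$PrimaryThumbprint = '<PRIMARY-CERT-THUMBPRINT-FROM-KB92937>'
# Expiry date of the secondary certificate, as stated in this notice.
$SecondaryExpiry = [datetime]'2020-05-30'

# 1. Is automatic root certificate update turned off by Group Policy?
$policyKey = 'HKLM:\SOFTWARE\Policies\Microsoft\SystemCertificates\AuthRoot'
$policy = Get-ItemProperty -Path $policyKey -Name DisableRootAutoUpdate -ErrorAction SilentlyContinue
$autoUpdateDisabled = ($null -ne $policy) -and ($policy.DisableRootAutoUpdate -eq 1)

# 2. Collect machine-level trusted roots (deduplicated by thumbprint).
$roots = Get-ChildItem -Path Cert:\LocalMachine\Root, Cert:\LocalMachine\AuthRoot |
    Sort-Object -Property Thumbprint -Unique

# 3. Is the primary certificate deployed?
$wanted = $PrimaryThumbprint -replace '\s', ''
$primaryPresent = [bool]($roots | Where-Object { $_.Thumbprint -eq $wanted })

# 4. Which trusted roots stop being valid on the secondary's expiry date?
$expiring = $roots | Where-Object {
    $_.NotAfter.ToUniversalTime().Date -eq $SecondaryExpiry.Date
}

Write-Output "Root auto-update disabled by policy: $autoUpdateDisabled"
Write-Output "Primary certificate present:         $primaryPresent"
if ($expiring) {
    Write-Output "Roots expiring on $($SecondaryExpiry.ToString('yyyy-MM-dd')):"
    $expiring | Select-Object Subject, Thumbprint, NotAfter | Format-Table -AutoSize
}

# The host is at risk only when the OS will not fetch the primary on its own
# and nobody has deployed it manually.
if ($autoUpdateDisabled -and -not $primaryPresent) {
    Write-Warning 'Auto-update is disabled and the primary certificate is missing; deploy it per KB92937.'
}
```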
If you have an issue with MWG where Web Gateway is blocking access to websites with an error message, then this might be the reason:
Secure web traffic (TLS) is based on a certificate hierarchy. By design, MWG has a feature that blocks websites that don’t have a trusted certificate path.
The certificate that expired this morning is used by many other companies and websites, and not all of them have updated their certificates. MWG can and will block access to these now-untrusted websites if the customer's policy is configured to do so. See KB92953 for more details and workarounds.