Certificate pinning prevents SSL interception by validating a server’s certificate against known values. When ZIA performs SSL inspection, it substitutes the certificate with one signed by Zscaler’s CA. This causes the handshake to fail for pinned applications. To troubleshoot, an administrator should review SSL logs to identify handshake failures, which indicate certificate pinning issues. Logs will show the TLS negotiation details, including any disruptions.
[Reference: Zscaler Digital Transformation Study Guide – SSL Inspection and Threat Protection > Troubleshooting Certificate Pinned Applications, =================]
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit