Boxcryptor Authentication behind Zscaler Proxy

PDSI

Hello,

I'm having problems authenticating to Boxcryptor when passing throught the Zscaler proxy.
It seems to be because Zscaler have the SSL inspection engine active and it cannot be deactivated.

There is any way to fix this? Should Boxcryptor servers recognize the CA of Zscaler?

Thank you

Robert

Hello,

Currently, it is indeed not possible to use Boxcryptor behind a Zscaler proxy. Boxcryptor verifies the SSL certificate used to communicate with our servers at api.boxcryptor.com in order to prevent man-in-the-middle attacks.

Zscaler replaces our certificate to encrypt the data-in-transit with their own certificate so that their proxy can decrypt the traffic. This is actually a sort of man-in-the-middle attack which we protect our users from - and we have no plans to change that.

I'm not too familiar with Zscaler's configuration, but maybe you can exclude a domain from SSL inspection? If so, it should be enough to exclude api.boxcryptor.com.

Best regards,
Robert