Shop

Your Notifications (0)

There are currently no notifications. You're all set!

Demos Trials
Knowledgebase
ChemDraw and ChemOffice+ Products Signals Notebook E-Notebook and ChemBioOffice Enterprise Spotfire and Signals Spotfire Products Image Artist Spectrus, Percepta, Katalyst, Luminata and more
Downloads
Downloads
Community
Ideas Portal Product Basics
About Support
Legal Resources Support and Maintenance Plans Product Life Cycle Support News
Contact Support

Signals Notebook: Zscaler Dynamically generated certificates replace the actual Signals tenant certificate

Murillo, Sergio
  • Updated

Description

Zscaler (and other corporate proxies) implement dynamically generated, trusted MITM (man-in-the-middle) certificates by intercepting HTTPS traffic, re-encrypting and replacing the server certificate with a short‑lived Zscaler‑issued certificate. This can create discrepancies in trust and certificate expiration dates.

Solution

- Identify whether Zscaler (or another SSL inspection proxy) is in the traffic path by comparing the certificate chain when accessing the service with and without the proxy in place and reviewing the issuer and expiration. Signals Notebook certificates are issued by Amazon and are valid for a year.


• Consider adding a bypass/exception in Zscaler for the affected tenant URLs (no SSL inspection), allowing clients to see and trust the real service certificate with standard validity.
• If inspection must remain enabled, review your path forward with Zscaler.
 

Related articles

Comments

0 comments

Article is closed for comments.