Twitter Application on Iphone and Ipad not working through ProxySG
book
Article ID: 168640
calendar_today
Updated On:
Products
ProxySG Software - SGOS
Issue/Introduction
Error shows on application.
ERROR an error occurred. Please try again later. (TLS trust verification failed)
The browser-based version of twitter works.
Browsing around the ProxySG appliance, the Twitter App is working perfectly.
Cause
The cause for this issue has to do with certificate pining, which requires that the client and server communicate with each other directly. At the time this article was written, the Twitter app on iOS uses Certificate pinning, so SSL interception, (where the ProxySG appliance acts as a man in the middle) causes this communication to fail.
A PCAP shows that the client/server handshake fails when communicating with api.twitter.com.
Further info on the twitter dev site i.e. pinning for this app.
https://dev.twitter.com/overview/api/ssl
Resolution
Workaround
To work around this issue, either add the IP address for api.twitter.com to your static bypass list, (transparent deployments) or disable protocol detection for api.twitter.com (explicit deployments) so that app traffic is tunneled.