WSS agent 7.3.1 running on Windows 10 workstation
Users can access internet without issues
Users getting following error while accessing broadcom.app.blackduck.com (broadcom added to mask organisational name*) via WSS.
PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target.
When WSS agent disabled, all works fine.
SSL inspection bypass added for blackduck.com and app.blackduck.com domains but still having issue.
WSS Agent 7.3.1 (can happen with all versions)
Windows 10 OS
Certificate pinning enabled on java based application
Although browser shows access to Blackduck domains, it also accesses other domains in background such as sig-repo.synopsys.com
When these are inspected by WSS, the client application throws an SSL/TLS alert
Add SSL inspection bypass for sig-repo.synopsys.com domain.
HAR file may not b available if a thick client is running, but could use Fiddler instead.
HAR file/Fiddler will show what domains user is going to.
After getting Symdiag output and extracting InTunnel PCAP, check all SSL handshaked sessions to the domains from HAR file, and identify failing ones. These need to be added to SSL inspection bypass.