Unable to access app.blackduck.com with WSS agent enabled
search cancel

Unable to access app.blackduck.com with WSS agent enabled

book

Article ID: 214204

calendar_today

Updated On:

Products

Cloud Secure Web Gateway - Cloud SWG

Issue/Introduction

WSS agent 7.3.1 running on Windows 10 workstation

Users can access internet without issues

Users getting following error while accessing broadcom.app.blackduck.com (broadcom added to mask organisational name*) via WSS.

PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target.

When WSS agent disabled, all works fine.

SSL inspection bypass added for blackduck.com and app.blackduck.com domains but still having issue.

Environment

WSS Agent 7.3.1 (can happen with all versions)

Windows 10 OS

Cause

Certificate pinning enabled on java based application

Although browser shows access to Blackduck domains, it also accesses other domains in background such as sig-repo.synopsys.com

When these are inspected by WSS, the client application throws an SSL/TLS alert

Resolution

Add SSL inspection bypass for sig-repo.synopsys.com domain.

Attachments