Accessing HTTP only websites over Zscaler

I’m trying to access http://ip.zscaler.com and http://neverssl.com but the page just hangs saying “Waiting for…”

In Z-App I can see we’re connected over port 443, and Wireshark confirms that there’s an HTTP Unauthorized error occurring due to “Proxy Authentication Required”, and that there’s an http protocol detected over encrypted port.

Does anyone know where in the Admin portal I can configure Zscaler to allow this?

Zscaler excludes ip.zscaler.com from SSL inspection and authentication, but there’s not enough information to drill down on this. It would be helpful to know more about:

  1. your Z-App forwarding profile (for behavior on both trusted and non-trusted locations)
  2. whether you’re on a trusted network or not
  3. what your authentication policy is for trusted locations
  4. what your ssl inspection policy is for trusted locations and for Z-App
  5. whether there are any other components in your datapath that can influence web-traffic behavior (firewalls, proxies, a guest-wifi splash page, …)
  6. what the response is for a regular webpage (try http://portquiz.net )
  7. what the response is when z-app is disabled

If the above doesn’t provide any clear directions you should create a support ticket. Please make sure to include the Z-App logs.

Kind regards, Joost

I didn’t actually change anything, it just started working on it’s own one day… now we have no issue.