[1.] I want to apply the tenant control settings to a desktop application such as Google Drive, but I found a statement that SSL inspection needs to be enabled in order to apply the tenant profile.
●[Tenant Profile] Settings
●[URL&Cloud App Control] Settings
[2.] I also found a statement on the following Zscaler site that SSL inspection needs to be disabled in order to sync Google Drive.
I have went round and round with support and I have actually figured out a solution, by only bypassing SSL on a couple of the google sites while tenant control is in place. Zscaler support provided zero help FYI. A few questions:
Are you using google drive for desktop?
Which FORWARDING PROFILE ACTION are you using in your forwarding profile?
Let me know and I can assist you in getting this fixed.
I will answer below.
[1.] The Google application uses the desktop version. In addition, Google Drive also synchronizes with the cloud.
[2.] Forwarding Profile uses Z-tunnnel 2.0.
So first you need to go here Sign in - Google Accounts and look at the TrustedRootCertsFile setting. You will need to take the roots.pem file and add the zscaler root cert pem to this file. I ended up moving it to a different location because I wasn’t sure if the application updated if it would erase the file. Once you move it to a different location you will need to put in a registry key to tell the application where you put the file (On Windows, but I would assume its the same for Mac). After you have set this you will need to reboot for the registry key to take effect. This portion will fix files syncing up to the cloud.
To fix downloading and logging in you will need to put in the following SSL bypasses.
