Why Zscaler Blocks the Dropbox application because of "Blocked due to Bad SSL record"?


I tried testing Zscaler with the Dropbox application on a computer and Zscaler bocks it because of “Blocked due to Bad SSL record” Policy Reasons | Zscaler but the Zscaler SSL exception list should catch this but it didn’t so I made SSL inspection exclusion of the cloud app Google Hangouts that the Zscaler Web Insights detects that zscaler marks the web dropbox traffic and blocks it because of it thinking that on SSL port non-ssl traffic is being tunneled but it still blocks.

I tried switching between Tunnel 1.0 and 2.0, making exceptions (url ip, fqdn) for the tunnels, allowing the cloud app and url in all policies just in case but nothing helps. When I added the URL mtalk.google.com for Google Hangouts to the exclusion list for tunnel 2.0 or the PAC file then I still can’t connect with ZIA enabled and I have no web logs for something being blocked.

Dropbox is added in the ZDX monitoring so Zscaler should fix this as the Zscaler connector is also the latest version.