Zscaler certificate trust using workspace one

Hi Team,

We are rolled out Zscaler Client connector to Mac endpoints installation is successful but the certificate is not getting trusted according to the below article this is know issue but this can be achieved by using MDM.

We have workspace one as an MDM so need help with workspace one configuration document if yyou have

Hi -

We don’t have a WorkspaceONE specific document for this specifically. In order to get the endpoint to trust the certificate, you will need to run a command via your MDM. This is no different than running any other command with sudo privileges on macOS using your MDM.

You will want to download the Zscaler Root CA cert for SSL inspection from the Admin UI by navigating to Policy > SSL Inspection > Advanced SSL Inspection Settings and select Download Zscaler Root Certificate to download the certificate.
You will want to create a script in WorkspaceONE to “run once immediately”. Please refer to article at https://docs.vmware.com/en/VMware-Workspace-ONE-UEM/2011/macOS_Platform/GUID-92D08B1B-9AA8-4C80-9785-5ACA35998032.html

Your package should include the downloaded cert and the script only needs one command which should be run with sudo privileges:
security add-trusted-cert -d -r trustRoot -k <PATH_TO_YOUR_CERT>

1 Like