This article discusses what steps need to be taken in order to get some of the most popular Mobile Apps working through your Smoothwall Filter and Firewall, without affecting filtering of the desktop based version of the App.
More and more applications are beginning to use certificate pinning, which causes mobile applications to not work correctly if a decrypt and inspect policy is in place. This article provides steps which allows popular mobile applications to continue working with a decrypt and inspect policy by adding specific sub-domains (were possible) to a ‘Do not inspect’ policy.
This article discusses what subdomains or categories you need to insert into a ‘Do not Inspect ‘policy in your HTTPS inspection policies table.
The applications are as follows, all of these apps use certificate pinning:
- Facebook Messenger
|Facebook App [NEW]||See our knowledge base article, Allowing Access to the Facebook & Facebook Messenger Mobile App.|
|Messenger||Facebook App [NEW]|
|Instagram App [NEW]||See our knowledge base article, Allowing Access to the Instagram Mobile App.|
|Twitter App [NEW]||See our knowledge base article, Allowing Access to the Twitter Mobile App.|
|You can content filter Pinterest through the web on all devices. You can access the App but you can't do any filtering in the App.|
|You should still be able to content filter YouTube through the browser on all devices. You will be able to access the App however you won’t be able to do any filtering in the App.|
- For the Apps without released categories, you'll need to create a custom category, see our help topic, Creating custom categories:
- Domain/URL filtering: Enter the Subdomains/Category listed in the table in this article.
- Set up a Do not Inspect policy for those categories with these settings, see our help topic, Creating HTTPS inspection policies:
- Who Everyone*
- What Pinterest App
- Where Everywhere*
- When Always*
- Action: "Do not inspect"
*Change these values based on your own needs.