Prior to Windows client version 2.9.13, access to the Silo service was restricted by certificate pinning. This meant that the client would validate the server certificate using pre-installed clients shipped with the client. The side-effect of this is that SSL inspection/decryption was not possible and customers needed to white list our infrastructure IPs in order to allow for the certification validation process to complete.
Starting with Windows client 2.9.13, the default behavior of the Silo client is to connect without certificate pinning. This allows customers to decrypt traffic between the client and the Authentic8 servers.
Enabling Server Validation
It is possible with Windows client 2.9.13 and beyond to enable server validation. This requires making changes to the registry on the local client computer. Here are the details:
(when not set)
You may also copy and paste the registry info here into a registry file to enable this feature:
Windows Registry Editor Version 5.00
If Silo was installed programmatically via desktop management software (i.e. install was made in machine scope to in program files (x86) and not at the user scope level), then this registry key will need to be written to the following path:
Please contact Support if you have any additional questions and/or require further information.