Hi,
Great news, thanks for getting back to us and letting us know. If you have further issues with the corporate network, let us know and we’ll try and aid you further!
Best regards, Heds
I may have a similar problem, depending on how the VPN works.
I have No hardware? Use VirtualBox to simulate a device for balenaCloud! but it cannot connect to balenaCloud when Zscaler is running.
I suspect that is an SSL issue similar described to the one here.
I remember that I had the same issue with Git/OpenSSL once. To make it work I had to add the ZScaler’s certificates to its CA store but I cannot remember how I did it exactly but I remember it was quite a pain to get it to work (recent s attempts failed, so I deactivated SSL check in my Python projects).
How can I add this certificate to my image balenaOS to enable it to communicate to balenaCloud despite the active Zscaler?
(It still could be that Zscaler blocks VPN connections att all)
How can I add this certificate to my image balenaOS to enable it to communicate to balenaCloud despite the active Zscaler?
Also, you should configure your FW/LB not to inspect VPN traffic on port 443, since it’s not HTTPS (it’s OpenVPN TLS + DH key exchange). This traffic is not parseable by anything other that the two OpenVPN endpoints (client/server).
Setting rootCA in config.json only takes care of the balena hostOS services that require HTTPS communication, you will need to inject the same certificate into your code to enable HTTP functionality there, without resorting to setting verifyTLS:false in your code.