Forum Discussion

Tomer H.'s avatar
Tomer H.
New member | Level 1
11 years ago

Disabling Certificate Pinning.

Hi, There are many corporate customers who would like to to monitor their SSL traffic VIA a proxy. However, due to the usage of "certificate pinning" in the Dropbox clients this has become impossi...
desktop
Storage space
Richard P.'s avatar
Richard P.
Icon for Super User alumni rankSuper User alumni
11 years ago

Then dont recommend them if you can't recommend them - its as easy as that.

But allowing deep packet inspection doesn't solve all the problems in the world - what if Dropboxes API is a binary one, what then? Demands for the spec to see what's going on? What about binary files? Archives? ISO's? Removing the certificate pinning doesn't automatically make the traffic readable, but it does make it less secure.

If you are uncomfortable with the possibility of data leakage through Dropbox, then don't install Dropbox on your corporate network. Find a solution which you own top to bottom, dont go half way by requiring access to an undocumented proprietary data stream as if thats going to solve your problems.

About Apps and Installations

Have a question about a Dropbox app or installation? Reach out to the Dropbox Community and get solutions, help, and advice from members.

The Dropbox Community team is active from Monday to Friday. We try to respond to you as soon as we can, usually within 2 hours.

If you need more help you can view your support options (expected response time for an email or ticket is 24 hours), or contact us on X, Facebook or Instagram.

For more info on available support options for your Dropbox plan, see this article.

If you found the answer to your question in this Community thread, please 'like' the post to say thanks and to let us know it was useful!