Forum Discussion
1 Reply
- bizzle90
Cato Employee
Hi Soon,
Thank you for the question.
I believe what you're experiencing Is expected behaviour due to the fact that the Whatsapp application on the desktop (I also believe via the web also) uses certificate pinning meaning we are unable to decrypt the traffic with TLS (as our TLS is like a MITM where we proxy the authentication for the TLS handshake).
This means we are unable to see the data and, therefore, action it through our policies. I am aware that this works with WhatsApp on the web, however, as we now have a specific backend configuration that allows it to work with our TLS engine.
I need to add politely that I am not sure if or when this will work with the application because it uses certificate pinning.
Thanks!