This site uses different types of cookies, including analytics and functional cookies (its own and from other sites). To change your cookie settings or find out more, click here. If you continue browsing our website, you accept these cookies.
on 07-26-202212:07 PM - edited on 08-16-202205:56 PM by MariaW
Troubleshooting Python-Based Connectors with Zscaler on an endpoint.
This is a guide for when a user cannot connect with a python-based connector (Anaplan, SharePoint Files, Power BI, Tableau Output, OneDrive, Salesforce Input, etc) and is running Zscaler as their endpoint security. Zscaler is not your typical security program, but more of a reverse VPN.
Now when running the workflow, it should connect while Zscaler is turned on
If this works, then the user will need to talk with their Zscaler administrators
Typically, the sub-certifications listed under the root are rotating and will change after a set time.
IE: Root cert stays the same, but the two listed sub certs change every two weeks on alternating weeks
This would mean that weekly the user would need to change the cacert.pem file with the new cert to keep the connection
One way to bypass this is to whitelist in Zscaler the endpoints for the connector.
You will need to run Fiddler to find the endpoint the user is using for their connection
This may not be a viable resolution for all Zscaler administrators since it does leave a hole in the network, but it is the only workaround at this time. When new connectors that look to the Cert Store become available, this workaround will no longer be necessary (some are currently in Beta).
Zscaler is typically only installed on Endpoint machines and not on Server machines
This may not be true for all environments, so the end-user would need to verify with their Zscaler administrators
If a workflow works with Zscaler turned off, then it will work on as a scheduled workflow on Server w/o Zscaler