Re: Zscaler Client Connect and Duo Desktop

peter-supply · ‎07-18-2025

We are rolling out Zscaler Client Connect. Once we enabled SSL Inspection, applications stop recognizing that Duo Desktop is installed. The only way to get Duo Desktop to "work again" is to uninstall the Zscaler Client Connect application. Even disabling SSL inspection does not bring Duo Desktop back. How can we get Zscaler Client Connection to work with Duo Desktop? Thanks.

peter-supply · ‎07-19-2025

This is what we see in the Duo Desktop logs:

|ERROR|DuoDeviceHealthLibrary.Communication.TrustedPeerRPC.TrustedPeerRPCConnection|Trusted Peer RPC Connection closed|System.InvalidOperationException Failed to read from network stream|System.ObjectDisposedException Cannot access a disposed object.

DuoKristina · ‎08-12-2025

Duo Desktop does cert pinning, so implementing SSL inspection will cause it to stop working.

Do you see any events in the Duo Desktop log like "Invalid server certificate found; not in pinned list"?

If you reinstall Duo Desktop after disabling SSL inspection in ZScaler, does it start working again?

See this KB article for more information about Duo Desktop's incompatibility with SSL inspection, proxying, etc.

Duo, not DUO.

peter-supply · ‎08-15-2025

Thanks. To get Duo Desktop to work, we had to add a process-based application bypass outlined here: 'https://help.zscaler.us/zscaler-client-connector/adding-process-based-applications-bypass-traffic

DuoKristina · ‎08-22-2025

@peter I am glad you found a solution. Do you mind marking this post as answered by that ZScaler article?

Duo, not DUO.