The information you are about to copy is INTERNAL!
DO NOT share it with anyone outside Check Point.
iTunes application cannot log in when HTTPS Inspection is enabled
Gaia, SecurePlatform 2.6
Platform / Model
The iTunes application is not able to connect, or user cannot log in.
SmartView Tracker / SmartLog shows logs of the gsa.apple.com certificate not being signed by a trusted CA.
Bypassing HTTPS Inspection using a custom site *.apple.com or gsa.apple.com does not resolve the issue.
Apple uses certificate pinning in their iTunes application, and iTunes application refuses the connection when a self-signed certificate is offered by the Security Gateway with enabled HTTPS Inspection.