I don't know but first I would check if the connection is intercepted by SSL Scanner.
i tested this some time ago in my environment for a POC at a customer.
The dropbox client is not connecting to www when SSL is terminated on proxy.
So you found a way to allow it to connect to www? If you worked on it please share.
What he's trying to say is that the drop box app is hard coded to expect it's own server certificates. MWG generates server certificates using the configured Root CA when using the SSL Scanner. Therefore, if using the SSL Scanner, the drop box application will refused to connect for security purposes. You must exempt the application from the SSL Scanner.
Any idea how this is done?
You just have to add proxy settings to the dropbox client. Afterwards the client uses HTTP(S) and is able to connect.
That sounds good, but how do we do that on 600 computers? There must be a way to bypass the SSL scanning & authentication requests.
Option 1: you configure any dropbox client on endpoint.
Option2: Do a rule tracing or network trace if the dropbox client uses any HTTP Header (like User-Agent) to exclude dropbox client from SSL scan.
No user agent information in the rule traces, just IP addresses.