Disabling SSL Pinning

For agents on a network containing a web security appliance, it might be necessary to disable SSL pining. During this task we will disable SSL pinning using an agent property.

Important Note

This page is only applicable to On-Prem MFA agent versions 1.3.0 or later.

  1. Open the folder where the Okta RSA agent resides. The default installation folder is C:\Program Files (x86)\Okta\Okta RSA Agent\ OR C:\Program Files (x86)\Okta\Okta On-Prem MFA Agent\
  2. From this folder, navigate to current\user\config\rsa-securid\config.properties. Before making changes, we recommend creating a back up of this file. Using a text application such a Notepad, open the file current\user\config\rsa-securid\config.properties residing in the Okta RSA agent installation folder.
  3. As line 6, add sslPinningEnabled = false
  4. Save the file.
  5. Restart the Okta On-Prem MFA Agent service using the available Windows administrative tools.