Disable SSL Pinning

For agents on a network containing a web security appliance, it might be necessary to disable SSL pinning.

During this task we will disable SSL pinning using an agent property.

This page is only applicable to On-Prem MFA agent versions 1.3.0 or later.

  1. Open the folder where the Okta RSA agent resides.

    The default installation folder is C:\Program Files (x86)\Okta\Okta RSA Agent\ or C:\Program Files (x86)\Okta\Okta On-Prem MFA Agent\

  2. From this folder, navigate to current\user\config\rsa-securid\config.properties.

    Before making changes, we recommend creating a backup of this file. Using a text edit, open the file current\user\config\rsa-securid\config.properties in the Okta RSA agent installation folder.

  3. As line 6, add sslPinningEnabled = false
  4. Save the file.
  5. Restart the Okta On-Prem MFA Agent service using the available Windows administrative tools.