Insecure upstream when accessing Snowflake (account-name.snowflakecomputing.com)

I’m trying to figure out why I’m unable to access our Cloud Snowflake login page on https://<redacted>.snowflakecomputing.com while being connected to Warp Teams. I get Insecure upstream (HTTP Response Code: 526)

image944×1082 41.2 KB

I stumbled upon this thread but nothing helps.

I tried the following in Cloudflare Teams and nothing worked:

• adding an HTTP policy to (Do not inspect for the host <redacted>.snowflakecomputing.com)
• adding an HTTP policy to (Do not inspect for the domain <redacted>.snowflakecomputing.com)
• adding an HTTP policy to (Allow for the host <redacted>.snowflakecomputing.com)
• adding an HTTP policy to (Allow for the domain <redacted>.snowflakecomputing.com)

Cloudflare Teams ECC certificate is also installed and trusted on device

image1028×866 117 KB

Is there something I’m doing wrong or not doing?

Thanks for the help!

As a workaround I set the App Snowflake as Do Not Inspect. Not a really clean solution IMO.

image726×538 19.3 KB

Would still love to understand why it’s not working in the first place…

It’s likely not working because the upstream site/ application uses certificate pinning.

Makes sense now… Thanks for the link @cscharff !

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.