WARP Mac client causes Apple Store and Software Updates to not work

I’m testing out the Mac WARP client and am getting strange results when trying to access the Apple App store and/or Software Updates.

If WARP is turned on, and I load the App Store application, I just get a blank window.
Similarly, if I go to the Software Update preference panel, I get an error message: “Unable to check for updates. Make sure you are connected to the internet”.

I am connected to the internet, and I can access all sorts of websites using my browser.

And the moment I turn off the WARP client, I can access the App Store and Software Updates again.

I’ve checked the Gateway DNS log, and don’t see anything being blocked. I also turned off all of my Gateway DNS policies. I do not have any Gateway HTTP policies. But none of that helps.

What could be causing this and how would I fix it?

Warp client or signed into a Cloudflare for Teams org? If the latter your admin should add bypass rules documented in the developer docs.

@cscharff thank you. Yes, I’m logged in to a Cloudflare for Teams org.

I saw the docs about bypass rules.

I guess a better question is: why should the admin (I’m also the admin) need to? I don’t think there’s anything inherently “different” about the App Store and Software Update that makes it any different than e.g. going to the App Store via a web browser. It seems really odd that simply being logged into a Cloudflare for Teams org would prevent anything from working, assuming there are no restriction rules active for the org.

Because those apps specifically use certificate pinning to prevent man in the middle attacks… and TLS decryption by Cloudflare is effectively a MiTM (albeit) on your behalf. Some other apps in Cloudflare’s Do Not Decrypt list do other non-standard things on port 443 which break when intercepted by something expecting HTTP compatible traffic.

Ah, interesting. Thanks @cscharff !

1 Like

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.