With more and more tools using cert pinning as a best practice (eg - having and maintaining their own cert keystore) and more and more companies requiring DLP software for their vendors - how can this be managed without causing enormous pain for software developers?<p>As DLP software currently works to essentially man-in-the-middle attack secure traffic; any cert pinned tool will fail without figuring out a workaround.<p>Does anyone have any good ideas or solutions for this? Adding certs or disabling SSL seems to be an afterthought in many tools.