03-09-2021 06:34 PM
Does TikTok actually not use certificate pinning on mobile devices, that's kind of surprising if true. Generally speaking mobile apps like to use cert pinning and you can't actually decrypt the traffic. I would verify via your logs that the proxy flag is actually getting set, and that the traffic is actually getting decrypted as you would expect.
Since TikTok is popular I would open a case with TAC, as you'll likely see pretty quick movement on getting the app-id signature updated if it isn't catching traffic properly. In the mean time, you should still be able to identify TikTok domains via URL filtering logs, and at least get the app into an unusable state by blocking specific TikTok domains that you're able to identify. Last I had to look at this they used tiktokcdn.com pretty heavily and you could pretty much break the app by just blocking that domain.
