Splashtop Business Access SNI Support

Splashtop Business Access is a remote desktop application.

Problem (Windows devices)

As of this writing, SSL/TLS Server Name Indication (SNI) is not enabled by default by the Business Access software for Windows, therefore, Splashtop traffic appears to the DrawBridge as just the destination IP address instead of the domain name, resulting in interception, and, as the encrypted traffic is either not HTTP, or is using certificate pinning, the remote desktop connection fails to complete, and the session initiation fails.

Solution

1. Ensure the Splashtop software is fully up-to-date.
2. Using the Registry Editory, add the following Registry key to any computer running the Splashtop Business Access / Streamer app:
   
   Path: HKEY_CURRENT_USER\Software\Splashtop Inc.\Splashtop Remote Client for STB
   
   Right-click in the list view for that directory and add a new DWORD value:
   
   Name: EnableSSLSNI
   Type: REG_DWORD
   Value: 1
   
   
   (1 = Enable, 0 = Disable)
   
   
3. Restart the computer for good measure, then verify the remote connection now works as expected.

Example

Screenshot of the new value added above shown in context of other data in the same directory. Note that surrounding key/value data may vary per installation.