@zenheathen it's such common practice in enterprises. Every webfiltering/utm vendor pushes a SSL interception solution. The browser vendors are complicit too. If you install a third party rootca they allow it to override certificate pinning.