The first time a user attempts
to browse to an HTTPS site or application that matches the decryption
policy, the firewall displays a response page notifying users that
it will decrypt the session. Users can either click
Yes
to
allow decryption and continue to the site or click
No
to
opt out of decryption and terminate the session. The choice to allow
decryption applies to all HTTPS sites that users try to access for
the next 24 hours, after which the firewall redisplays the response page.
Users who opt out of SSL decryption cannot access the requested
web page, or any other HTTPS site, for the next minute. After the
minute elapses, the firewall redisplays the response page the next
time the users attempt to access an HTTPS site.