The firewall provides a predefined SSL Decryption Exclusion list
() for commonly used sites that
break decryption because of technical reasons. You can remove predefined
sites from the list by clicking the checkbox next to the site hostname
and then clicking
Disable
, and you can add sites to the list.
Use the Decryption Exclusion list only for sites that break decryption
for technical reasons, don’t use it for sites that you choose not
to decrypt. If decryption breaks an important application,
add it to the Decryption Exclusion list to
create an exception for the specific IP address, domain, or common
name in the certificate associated with the application. Some internal
custom applications may break if you decrypt them.