Applications that do not function properly when the
firewall decrypts them are automatically excluded from SSL decryption.
For a current list of applications the firewall excludes from SSL
decryption by default, see List of Applications Excluded
from SSL Decryption.
Exclude certain URL categories or applications that either
do not work properly with decryption enabled or for any other reason,
including for legal or privacy purposes. You can use a decryption
policy to exclude traffic from decryption based on source, destination,
URL category, service (port or protocol), and TCP port numbers.
For example, with SSL decryption enabled, you can choose URL categories
to exclude traffic that is categorized as financial or health-related from
Exclude server traffic from SSL decryption based on the Common
Name (CN) in the server certificate. For example, if you have SSL
decryption enabled but have certain servers for which you do not
want to decrypt traffic, such as the web services for your HR systems,
exclude those servers from decryption by importing the server certificate
onto the firewall and modifying the certificate to be an