I am facing a problem with the HTTPS websites, the HTTPS websites are bypassing the policy, when i am browsing to http websites the policy is being applied but when browsing to https websites not even a log for that websites is being logged ?!
I cant enable the content inspection in the SSL scanner because we cant distribute the certificate to all computers!! what I know about https traffic that the URL is sent without any encryption just the content!!
any help please??! it is starting remind me with the ISA
actually, i just need to analyze the URL.host and URL.category i dont need to analyze the content, i've enabling the Set Client Context to analyze the https URLs, but it didnt work, the https traffic is bypassing the policy.
You need "Set Client context" only for Blockpages (if needed)
You may try rule trace (Troubleshooting, Rule tracing central) and check why your rule does not work. Maybe your request does not trigger the rule due to a stop cycle somewhere in the beginning of your ruleset.
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.
Community Help Hub
New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.