I am facing a problem with the HTTPS websites, the HTTPS websites are bypassing the policy, when i am browsing to http websites the policy is being applied but when browsing to https websites not even a log for that websites is being logged ?!
I cant enable the content inspection in the SSL scanner because we cant distribute the certificate to all computers!! what I know about https traffic that the URL is sent without any encryption just the content!!
any help please??! it is starting remind me with the ISA
Thanks in advance.
As long as you don't enable content inspection you can only analyze the url.host part of the url.
Using this property you can filter and define rules for bypassing the policy.
The path and file part is not avaible for HTTPS without content inspection.
thank you Frank,
actually, i just need to analyze the URL.host and URL.category i dont need to analyze the content, i've enabling the Set Client Context to analyze the https URLs, but it didnt work, the https traffic is bypassing the policy.
You need "Set Client context" only for Blockpages (if needed)
You may try rule trace (Troubleshooting, Rule tracing central) and check why your rule does not work. Maybe your request does not trigger the rule due to a stop cycle somewhere in the beginning of your ruleset.