SSL Inspection is working as expected with finacial categories whitelisted. We have a internal user connecting to a external Citrix CAG which is failing due to a expired certificate.
I have added the domain to the SSL inspection whitelist can verify the external CA certificate but the problem still persits until I disable SSL Inspection globally.
I have tried to add a Stop Cycle with the domain in all SSL tests from the root and sub rules.
Do I need to create a log handler to record the exact SSL Inspection rule that is blocking, if so what is recommended above access logging.
Try getting the IP address of the site and put the IP address in the SSL Inspection whitelist and anyother rule that will skip the "Expired Certificate" check.