Hi kbolt -
There is no other way to have the device automatically trust the MWG certificate - this is going to have to be done manually.
User-agent is definitely the route to take here. To build a rule for specific user agents, 1st make a user-agent list and the rule criteria would be:
Header.Request.Get ("User-Agent") Matches in List
This doc goes into much more detail and provides instruction on how create a rule using the user-agent:
*You'll need to have ssl scanner enabled and then place the user-agent rule below the sll scanner rule set, if you want your user-agent rule to apply to https traffic*