In troubleshooting authentication issues, you may find the following error in a policy trace:
EXCEPTION(configuration_error): Authentication failed because of a configuration problem
Last Error: Failure to authenticate a tunneled SSL request. This is typically caused when authentication policy is applied to tunneled SSL connections.
Please contact your network administrator to either exempt tunneled SSL traffic from authentication or to create suitable SSL interception policy for first intercepting SSL connections as HTTPS and then authenticating them.
This exception page is issued in cases where proxy is unable to issue an authentication challenge within an encrypted session, because the proxy is not decrypting that session.
Because authentication challenges cannot be injected into an encrypted exchange, authentication must be bypassed for the URL. There are several methods to achieve this:
<Proxy>
url.regex="ssl://" authenticate(no)
Under Destination right-click > Set > New > Request URL > Select Regular Expression Match > add ssl:// > OK > click Install Policy
F. Once both objects are created, select each object and click Add to add the objects to the top right box