How to bypass SSL interception on the ProxySG in transparent mode

book

Article ID: 170576

calendar_today

Updated On:

Products

ProxySG Software - SGOS

Issue/Introduction

Your ProxySG is deployed in transparent mode, which means the users don't have any proxy settings in their browser.
The SSL interception is globally enabled for all in the policy of your ProxySG.
You want to create an exception and disable the SSL interception for one destination only.

Resolution

Create the bypass rule in your local file policy:

  1. Go to Configuration > Policy > Policy Files > Install Local File from > Text Editor > Install
  2. Append the following rule to your existing policy

<ssl-intercept>
server.certificate.hostname.substring=<insert-the-domain-you-want-to-bypass> ssl.forward_proxy(no)

 

 

Note: detect_protocol(no) has no effect to transparent mode deployments.

Attachments