While creating a WSS Content Filtering policy rule based on an Active Directory group or username to block (or allow) a certain HTTPS site, the rule is not applying correctly. The HTTP (non-secure) version of the site works fine, but the policy rule to block (or allow) the HTTPS version of the same site does NOT work.
Verdict is not applied due to SSL Interception not working for this HTTPS site. The Web Security Service (WSS) needs to inspect the contents of the HTTPS traffic in order to correctly apply the policy rule that is based on user or group.