• When WSS Agent (WSSA) is installed on MAC OS, users are unable to connect to Apple resources after enabling SSL interception. 
• Cannot Connect to App Store.
• Receiving the following macOS installer error when trying to upgrade MAC OS

Web Security Service

MAC OS

WSS Agent (WSSA)

SSL Interception

Apple Inc. products and services (including apps like iTunes, iCloud, App Store, etc.) use certificate pinning. They only work if the client is connecting to them along with the specific Apple Inc. SSL public key, and if you are using Cloud SWG (WSS) with SSL interception enabled, this can cause some issues with the access to those services.

 

To solve this issue, bypass SSL Interception for the destination URLs for your particular issue.

The list of domains from apple can be found here.

Instructions how to add domains to SSL interception list can be found here.