There is a requirement to disable SSL interception only for the URL path and not the main domain.

For example, disable SSL interception for "www.example.com/maps" but not "www.example.com."

Unfortunately, the requirement to bypass SSL interception for a path while still intercepting the main domain is not possible with the current design of the Proxy.

Whenever an HTTPS request is sent in an explicit proxy, the Proxy will only see the main domain in the CONNECT request before proceeding with the rest of the processes, such as policy evaluation, which includes determining whether to intercept the request or not. Therefore, for the Proxy to see the path, it would need to intercept the request first, and only then would it be able to see the path.

In this case, for the Proxy to see the path "www.example.com/maps," it would need to intercept first, and only then would it be able to see the path "maps." However, at this stage, the request has already been intercepted.

Disabling protocol detection for www.example.com/maps under the Web Access Layer or Proxy layer will not help, even though the policy trace did show that the request matched the rule.  The Proxy will still intercept the request.

The only option in this scenario is to disable SSL interception based on the main domain, which is www.example.com. Currently, we do not support disabling SSL interception for specific paths insertion point at end.