SSL interception can be disabled for a single client IP or for a subnet VPM policy.
SSL interception can also be disabled for a single URL/Domain using CPL or VPM policy , With KB-166365
This will not disturb SSL interception for other URLs or Domains.
If you want to disable SSL for clients for only a certain destination.
a. Right-click the Destination field and select Set.
b. Click New and select Request URL Object.
c. Enter URL in the URL field and then click Add.
If not keep it Any