SSL interception can be disabled for a single client IP or for a subnet in CPL or VPM policy.

SSL interception can also be disabled for a single URL/Domain using CPL or VPM policy , With KB-166365.This will not Impact SSL Interception for other URLs or Domains.

Release :

Component :

Disable SSL interception through the VPM:

• Log in to the Management Console (https://<IP_address>:8082).
• In Legacy console Select Configuration > Policy > Visual Policy Manager. Click Launch. In New Admin Console Click Visual Policy Manger option in the top right corner of the Proxy Admin Console GUI.
• In the VPM, select Policy > Select SSL Intercept Layer.
• Click Add Rule.
• Right-click the source field and select Set. In the Web VPM instead of right click do a left click.
• Click New and select client IP/Subnet Object. Specifies the client IPv4 or IPv6 address then click Add.
  (You can use subnet as well)

       If you want to disable SSL for clients for only a certain destination. 
           a. Right-click the Destination field and select Set. In the Web VPM instead of right click do a left click.
           b. Click New and select Request URL Object.
           c. Enter URL in the URL field and then click Add.

• Right-click the Action column, select Set > Disable SSL interception.
• Click Install Policy. Your new policy has been installed.