SSL interception can be disabled for a single client IP or for a subnet VPM policy.

SSL interception can also be disabled for a single URL/Domain using CPL or VPM policy , With KB-166365
This will not disturb SSL interception for other URLs or Domains.

Release :

Component :

Disable SSL interception through the VPM:

• Log in to the Management Console (https://<IP_address>:8082).
• Select Configuration > Policy > Visual Policy Manager. Click Launch.
• In the VPM, select Policy > Select SSL Intercept Layer.
• Click Add Rule.
• Right-click the source field and select Set.
• Click New and select client IP/Subnet Object. Specifies the client IPv4 or IPv6 address then click Add.
  (You can use subnet as well)

If you want to disable SSL for clients for only a certain destination. 
 a. Right-click the Destination field and select Set.
 b. Click New and select Request URL Object.
 c. Enter URL in the URL field and then click Add.

If not keep it Any

• Right-click the Action column, select Set > Disable SSL interception.
• Click Install Policy. Your new policy has been installed.