To enable SSL interception:
After you enable SSL interception, your end users might begin receiving SSL warnings in the browser because the CA which signs the intercepted traffic is not automatically trusted by the browsers.
You must manually download the Web Security Service SSL Root Certificate and install it into the browser Trusted Root Certification Authorities. This can normally be pushed out to your browsers through your internal organizations group-policy.
See Install the SSL root certificate below.
By default, the following categories are not intercepted, as they might contain private/personal information:
To edit these categories, select Pass Through Categories and tick the categories to bypass SSL interception (or clear any categories).
You can also bypass specific domains or IP addresses. Click Pass Through Destinations.
See Create SSL Policy.