Support Center > Search Results > SecureKnowledge Details
Bypass/Inspect rule by Category in HTTPS Inspection policy works for some sites but not others
Symptoms
  • A Bypass/Inspect rule by Category in the HTTPS Inspection policy works for some sites but not others.
  • The "Issued To" section of the problematic website's SSL Certificate does not reflect the site that is being accessed.
Cause

HTTPS Inspection categorizes based on the 'CN' or 'Issued To' portion of the website's SSL Certificate.

 

An example of this is as follows:

1) A Bypass rule is in place for the "Gambling" category:

 

2) The majority of sites are bypassed, but not gambling.com

3) The certificate of gambling.com prevents us from bypassing it as 'Gambling', by default. The CN "ssl315896.cloudflaressl.com" will not be categorized as 'Gambling'.


Solution
Note: To view this solution you need to Sign In .