akvzau
Oct 30, 2023Nimbostratus
SSLO http proxy base on category
Currently, we have a requirement to integrate SSLO for user proxy traffic,
- Current proxy policy is authenticated and filters based on user group.
- Certain categories are required to bypass SSL interception but still required to be inspected by proxy policy.
What I can understand is that configuring an HTTP proxy service requires all the traffic to be decrypted otherwise traffic will be bypassed from the service chain since it requires the use HTTP header signal across an HTTP proxy device.
Is there any way to achieve this? or simply if the category needs to bypass SSL interception then it cannot be proxied.
Appreciate your thoughts and feedback