Creating a bypass list to allow access to sites with certificate errors

When you activate HTTPS Inspection at your organization, all sites with certificate errors are blocked by default. However, you can create a site bypass list that specifies which sites users can access even if there is a certificate error. Users can browse the sites on the bypass list, and they do not see a warning that there is a problem with the site certificate. The maximum number of sites that you can add to this list is 1000.
Consider the security implications of allowing your users to browse sites that have certificate errors. A certificate authenticates the identity of the company behind a website. A certificate error can indicate that the certificate is fake, compromised, or has been tampered with.
SSL encrypted web traffic from the sites on the bypass list is still routed through the Web Security Service infrastructure.
  1. To add websites to the site bypass list
  2. Click
    Services
    >
    Web Security Services
    >
    HTTPS
    .
  3. In the
    Allow access to sites with certificate errors
    section, select
    Enable site bypass list
    .
  4. Click
    Allow
    to confirm.
  5. In the
    Allow access to sites with certificate errors
    section, click
    New
    .
  6. Enter the website address or IP address of a site that you want users to access, even if there is a certificate error.
    • You can add the site as a web address or as an IP address
    • You do not need to add https:// to the start of the web address or IP address.
    • The use of the asterisk (*) as a wildcard in the web address or IP address is
      not
      supported.
  7. (Optional) Enter a description for the site. For example, you could enter a brief reason why the site is allowed, even with a certificate error.
  8. Click
    Add
    .
    The maximum number of sites that you can add to this list is 1,000.
  9. In the
    Active
    column, click
    Off
    to switch bypass to
    On
    .