Bypass HTTPS Inspection by using Request Types

Bypass HTTPS Inspection by using Request Types

Business challenge

The HTTPS inspection Bypass option enables you to define specific websites that are not subject to decryption as they flow through the proxy. Some websites may include personal identification information that should not be decrypt. In order to avoid liability for inspecting this type of information, you may want to specify some or all of these sites for decryption bypass. The selected sites will not be decrypt even if the category or categories that the sites belong to are selected for SSL analysis.

To bypass HTTPS Inspection enabled SafeSquid default configuration

Access the SafeSquid User Interface

clicking on configure in safesquid interface
clicking on search

Edit policy to Enable as TRUE (Inspection Policies)

selecting the true value in enabled
clicking on save policy to save it

Edit policies and profiles to Enable as TRUE

editing the default policies to bypass ssl inspection for applications and categories

How to create new policy to bypass HTTPS Inspection

example of how to create new policy to bypass SSL inspection

Go to Request Types

going to request types in request types section in sidebar
clicking on add new to create a new policy
writing comment for reference and entering regular expression of dropbox as an example to match all the dropbox websites
writing comment for reference and entering regular expression of dropbox as an example to match all the dropbox websites
enabling smart TLD as true to match all the dropbox websites
giving a unique name for the created request type in Added request Types

Go to Access Policies

creating a new policy in access profiles
writing relevant comment, adding the created request type in request type parameter and mentioning the BYPASS SSL INSPECTION in Added profiles
click on save policy to save
Note: Configure Proxy settings in drop box and upload/download files to validate the working




    • Related Articles

    • Setup HTTPS Inspection

      Overview Over the couple of years, the internet is changing its dimensions in terms of security. The web is shifting towards HTTPS, to deliver secure services to users. “The main motivation for HTTPS is authentication of the visited website and ...

    • Bypass Authentication

      Business challenge Stark tech has 200 employees. Star tech need to use proxy authentication to track employees Internet usage. The issue faced by Stark tech for automatic updates (AV, MS, etc), which can't get out because of the proxy authentication. ...

    • How does HTTPS inspection work with SafeSquid

      How does HTTPS inspection work with SafeSquid? 1. When user/client request a secure webpage say https://www.xyz.com (a HTTPS site) from the browser, SafeSquid will get CONNECT request from the client browser. 2. SafeSquid will check configuration ...

    • Generating certificate which is required for HTTPS Inspection

      Importance of Certificates/ Why HTTPS-aware applications, like Internet Browsers, use SSL/TLS protocols to prevent communication with malicious web services. The SSL / TLS protocols enable applications to verify the identity of the remote web ...

    • Enabling HTTPS inspection on SafeSquid User Interface

      Access the SafeSquid interface Go to Configure Page Open Real time content security side menu Open HTTPS Inspection section Enable HTTPS Inspection Note: In newer versions of SafeSquid which are released after June-2017, setup tab is removed. You ...