This page contains lists of domains for which configuring a bypass rule is recommended to ensure SSL Inspection does not break traffic to these domains.

When using Cloud Web Security, the SSL Inpsection feature ensures that all traffic is SSL decrypted and then inspected by default.

Some traffic can be disrupted when having a “man in the middle” for its traffic in the manner that SSL Inspection works. This includes traffic using certificate pinning, Mutual TLS (mTLS) and some using WebSockets. To ensure Cloud Web Security does not break these kinds of traffic, a user can configure exceptions to this default SSL Inspection rule, which would allow the traffic to bypass SSL Inspection.
Note: To configure an SSL Inspection bypass rule, please see Configuring a Security Policy.

Below are some of the domains that are known to break SSL Inspection. It is recommended to create rules to bypass these domains:

Table 1. Microsoft Domains
Table 2. Apple Domains
Table 3. Conferencing Domains*
Note: Zoom has multiple domain names specific to the region where the user is located. Please add a bypass rule appropriate to your region.