Adding an HTTPS Inspection Rule

Create an HTTPS inspection rule to decrypt content of specified URL categories, and apply the rule to selected locations.

  1. Go to Zero Trust Secure Access > Secure Access Configuration > Internet Access Configuration.
  2. Click the HTTPS Inspection tab.
  3. Click Add.
  4. Specify a Rule name and a Description.
  5. Automatically activate the HTTPS inspection rule by enabling the Status toggle.
  6. Configure Locations by selecting one of the following:
    • All locations: The rule affects users from all gateways, IP addresses, and geographic locations.

    • Selected locations: The rule only affects users located at specified Internet Access Gateways, corporate network locations, or public/home network locations with specified IP addresses or geographic region.

    For more information, see Internet Access Gateways and Corporate Network Locations.

  7. Select the URL categories that the rule applies to.
    1. (Optional) Click Add Custom URL Category to specify new Custom URL Categories.
  8. Click the Certificate tab.

    The default CA certificate configured on the Manage Default Certificate screen automatically loads.

  9. (Optional) On the Certificate tab, choose a certificate by selecting one of the following:
    • Reset to Built-in Certificate: to revert back to the default certificate.

    • Select File...: to upload a certificate you want to use in the HTTPS inspection rule.

  10. Click Save.