"
Did you find a solution to this??
We are looking at using OpnSense as well, but I can't find a manageable way to bypass SSL inspection for groups of sites. On Sophos and Fortigate firewalls we simply bypass SSL inspection for banking, financial, and government categories as a minimum for 2 main reason.
1. SSL inspection on these sites really is invading privacy I feel.
2. SSL inspection often breaks these types of sites as they usually try and detect man in the middle attacks.
We are looking at using OpnSense as well, but I can't find a manageable way to bypass SSL inspection for groups of sites. On Sophos and Fortigate firewalls we simply bypass SSL inspection for banking, financial, and government categories as a minimum for 2 main reason.
1. SSL inspection on these sites really is invading privacy I feel.
2. SSL inspection often breaks these types of sites as they usually try and detect man in the middle attacks.
