by adrien » Jan 29 17 9:59 am
Hi
even though apps use HTTPS, in contrast to the web-based version, more apps are choosing to prevent https inspection, and they can do this because the site owner controls the app and so can bake their site certs (or thumbprints) into it.
It's also common for the apps to actually access the sites via different URLs than a browser website would use, e.g. a mobile API endpoint.
I can (and will) upload a policy for this, but you've basically already done it.
Are you seeing the policy getting hit by the client requests? Refresh the policy and it should show hits counts on each item and colour in the path the requests take through the policy.
After the policy the main thing is how and what to match.
Definitely match on Request.Server. With HTTPS there's no full URL until after inspection is set up. That event (ConnectRequest) relates to the CONNECT request that the browser (or app) uses to set up a
tunnel to a server, and so there's no real URL anyway, just the server:port requested.
Then it's just a matter of finding which servers you need in the list.
Regards
Adrien