I have a question regarding SSL Inspection.
For most cases, we might use a Self-sign CA, and import the CA and its private Key to the checkpoint for SSL inspection.
However, the CA always needs to use GPO or even manual work to import it to the users' PC to perform SSL Inspection.
If the users lost connection to AD / the PC can't join Domain, they might suffer from SSL error and need IT helps to import the CA.
I wonder if we can use a public CA like signed by Godaddy to perform the SSL Inspection so no longer SSL error comes up from the users side.