I recently turned on HTTPS inspection with application control URL filtering and have had several instances where URL site bypasses did not work. Microsoft O365 product activation is one of these, imagine the headache.
The behaviour is outlined in SK122158 which claims that if a certificate cannot be validated that the traffic will show as "Detect" and not bypassed even if the site URL is bypassed. The solution is to either bypass an IP host object, or add the site's CA certificate to the trusted CA list under HTTPS inspection. I am guessing that in order for the prior to work, the certificate is not validated for an IP host object.
Has anyone else run across this, and how did you resolve? Any suggestions and wisdom would be appreciated. I am also being asked to bypass ALL Microsoft traffic. For context I am at R77.30 JHA286 in order to leverage the time quota hot fix.
Thank you in advance.