I‘m glad to see Sophos has a “Managed TLS exclusion list” for exclusion from SSL/TLS inspection. There’s obviously still websites/apps we will find that have issues but I’m not sure what the formal way is to submit those domains. I figure maybe this thread would be a good way for folks to share. This assumes:
1. You’re using the “Managed TLS exclusion list” in the default “Exclusions by website or category” SSL/TLS inspection rule.
2. You’re using the “Maximum Compatibility” Decryption profile in your SSL/TLS inspection rule.
3. You’ve verified TLS 1.3 decryption isn’t the issue (i.e. tried with “Downgrade to TLS 1.2 and decrypt” setting).
Domain - App Type (e.g. mobile app, website, etc.)
instagram.com - Instagram iOS app
facebook.com - Facebook iOS app
fbcdn.net - Loading of media in Facebook iOS app
nest.com - Nest iOS app
ecobee.com - Ecobee iOS app
ring.com - Ring iOS app
cujo.io - Cujo iOS app
