From my experience so far, it looks like most of iOS apps whether 3rd party or not simply don't work with SSL decryption enabled. At least Safari accepts the HTTPS signing CA.
My latest challenge is finding what I need to exempt to get iOS Mail default app to work again. Below is what appeared in web filtering log at the time I attempted to check mail when SSL decryption is disabled. I tried created exceptions for all of these but it still isn't working with SSL decryption enabled. Any ideas for those who have encountered this before?
No Decryption
2015:10:03-17:36:22 *** httpproxy[14760]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.0.12" dstip="184.51.0.41" user="" ad_domain="" statuscode="200" cached="0" profile="REF_HttProContaInterNetwo (No Decrypt Filter)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="6463" request="0xe8e3000" url="init-p01st.push.apple.com/.../x-apple-plist"
2015:10:03-17:36:23 *** httpproxy[14760]: id="0002" severity="info" sys="SecureWeb" sub="http" name="web request blocked" action="block" method="CONNECT" srcip="192.168.0.12" dstip="" user="" ad_domain="" statuscode="502" cached="0" profile="REF_HttProContaInterNetwo (No Decrypt Filter)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="2507" request="0xa00f000" url="courier.push.apple.com/" referer="" error="Host not found" authtime="0" dnstime="199191" cattime="41715" avscantime="0" fullreqtime="472953" device="0" auth="0" ua="" exceptions="av,ssl"
2015:10:03-17:36:26 *** httpproxy[14760]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="192.168.0.12" dstip="17.151.236.37" user="" ad_domain="" statuscode="200" cached="0" profile="REF_HttProContaInterNetwo (No Decrypt Filter)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="5319" request="0xb073000" url="p18-keyvalueservice.icloud.com/" referer="" error="" authtime="0" dnstime="8" cattime="297" avscantime="0" fullreqtime="422287" device="0" auth="0" ua="" exceptions="" category="170" reputation="trusted" categoryname="Personal Network Storage"
2015:10:03-17:36:28 *** httpproxy[14760]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="192.168.0.12" dstip="17.151.236.37" user="" ad_domain="" statuscode="200" cached="0" profile="REF_HttProContaInterNetwo (No Decrypt Filter)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="5319" request="0xca42800" url="p18-keyvalueservice.icloud.com/" referer="" error="" authtime="0" dnstime="7" cattime="360" avscantime="0" fullreqtime="281168" device="0" auth="0" ua="" exceptions="" category="170" reputation="trusted" categoryname="Personal Network Storage"
2015:10:03-17:36:51 *** httpproxy[14760]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="192.168.0.12" dstip="17.173.254.14" user="" ad_domain="" statuscode="200" cached="0" profile="REF_HttProContaInterNetwo (No Decrypt Filter)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="5538" request="0xc9c9000" url="service.gc.apple.com/" referer="" error="" authtime="0" dnstime="26569" cattime="30587" avscantime="0" fullreqtime="31208286" device="0" auth="0" ua="" exceptions="av,ssl"
2015:10:03-17:36:52 *** httpproxy[14760]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="192.168.0.12" dstip="17.173.254.14" user="" ad_domain="" statuscode="200" cached="0" profile="REF_HttProContaInterNetwo (No Decrypt Filter)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="2371" request="0xe71eb800" url="service.gc.apple.com/" referer="" error="" authtime="0" dnstime="7" cattime="317" avscantime="0" fullreqtime="31667619" device="0" auth="0" ua="" exceptions="av,ssl"
2015:10:03-17:37:06 *** httpproxy[14760]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="192.168.0.12" dstip="17.151.236.37" user="" ad_domain="" statuscode="200" cached="0" profile="REF_HttProContaInterNetwo (No Decrypt Filter)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="6544" request="0xd15d800" url="p18-keyvalueservice.icloud.com/" referer="" error="" authtime="0" dnstime="684" cattime="294" avscantime="0" fullreqtime="251610" device="0" auth="0" ua="" exceptions="" category="170" reputation="trusted" categoryname="Personal Network Storage"
2015:10:03-17:37:40 *** httpproxy[14760]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="192.168.0.12" dstip="17.151.230.4" user="" ad_domain="" statuscode="200" cached="0" profile="REF_HttProContaInterNetwo (No Decrypt Filter)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="4014" request="0xd51a800" url="guzzoni.apple.com/" referer="" error="" authtime="0" dnstime="8" cattime="323" avscantime="0" fullreqtime="245651" device="0" auth="0" ua="" exceptions="av,ssl"
2015:10:03-17:37:45 *** httpproxy[14760]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="192.168.0.12" dstip="17.151.230.4" user="" ad_domain="" statuscode="200" cached="0" profile="REF_HttProContaInterNetwo (No Decrypt Filter)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="6835" request="0xa206800" url="guzzoni.apple.com/" referer="" error="" authtime="0" dnstime="63755" cattime="304" avscantime="0" fullreqtime="5251182" device="0" auth="0" ua="" exceptions="av,ssl"
2015:10:03-17:37:50 *** httpproxy[14760]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="192.168.0.12" dstip="17.151.230.4" user="" ad_domain="" statuscode="200" cached="0" profile="REF_HttProContaInterNetwo (No Decrypt Filter)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="4014" request="0xa1b3000" url="guzzoni.apple.com/" referer="" error="" authtime="0" dnstime="8" cattime="290" avscantime="0" fullreqtime="679647" device="0" auth="0" ua="" exceptions="av,ssl"
With Decryption enabled:
2015:10:03-20:41:27 *** httpproxy[14760]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="172.16.28.104" dstip="17.151.230.4" user="" ad_domain="" statuscode="200" cached="0" profile="REF_HttProContaInterNetwo2 (Decrypt Filter)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="4137" request="0xa379800" url="guzzoni.apple.com/" referer="" error="" authtime="0" dnstime="25943" cattime="288" avscantime="0" fullreqtime="5383013" device="0" auth="0" ua="" exceptions="av,ssl"
2015:10:03-20:41:29 *** httpproxy[14760]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="172.16.28.104" dstip="17.151.227.29" user="" ad_domain="" statuscode="200" cached="0" profile="REF_HttProContaInterNetwo2 (Decrypt Filter)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="5322" request="0xe2158800" url="p16-keyvalueservice.icloud.com/" referer="" error="" authtime="0" dnstime="43674" cattime="300" avscantime="0" fullreqtime="268354" device="0" auth="0" ua="" exceptions="ssl" category="170" reputation="trusted" categoryname="Personal Network Storage"
2015:10:03-20:41:39 *** httpproxy[14760]: id="0002" severity="info" sys="SecureWeb" sub="http" name="web request blocked" action="block" method="CONNECT" srcip="172.16.28.104" dstip="" user="" ad_domain="" statuscode="502" cached="0" profile="REF_HttProContaInterNetwo2 (Decrypt Filter)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="2507" request="0xce19800" url="courier.push.apple.com/" referer="" error="Host not found" authtime="0" dnstime="48937" cattime="290" avscantime="0" fullreqtime="307143" device="0" auth="0" ua="" exceptions="av,ssl"
2015:10:03-20:41:42 *** httpproxy[14760]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="172.16.28.104" dstip="17.151.227.29" user="" ad_domain="" statuscode="200" cached="0" profile="REF_HttProContaInterNetwo2 (Decrypt Filter)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="5321" request="0xc7bb800" url="p16-keyvalueservice.icloud.com/" referer="" error="" authtime="0" dnstime="7" cattime="26218" avscantime="0" fullreqtime="188056" device="0" auth="0" ua="" exceptions="ssl" category="170" reputation="trusted" categoryname="Personal Network Storage"
2015:10:03-20:41:45 *** httpproxy[14760]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="172.16.28.104" dstip="17.151.227.80" user="" ad_domain="" statuscode="200" cached="0" profile="REF_HttProContaInterNetwo2 (Decrypt Filter)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="4174" request="0xc933800" url="p16-mailws.icloud.com/" referer="" error="" authtime="0" dnstime="7" cattime="364" avscantime="0" fullreqtime="149042" device="0" auth="0" ua="" exceptions="ssl" category="170" reputation="trusted" categoryname="Personal Network Storage"
thank you!
This thread was automatically locked due to age.