We are testing SSL decryption and are finding that Macs are getting a certificate warning page when visiting https://www.apple.com. The warning says "This website may be impersonating "www.apple.com" to steal your personal or financial information". These Macs do trust our Root CA, so it's not that. I put "www.apple.com" in the SSL Decryption Exclusion list and that resolved it.
Anyone know what is causing this warning? Is it certificate pinning? A couple of our Mac testers also reported that they could not download the Big Sur update over GlobalProtect(www.apple.com was not yet in the exclusion list). Does the Palo need www.apple.com(and maybe others) added to the SSL Decryption Exclusion list in order for Mac updates to work?
If the users are using Safari they'll receive that error unless you exclude the site from decryption, if they utilize something like Chrome or Edge then you won't see that warning.
Generally speaking there's not a lot of Apple services that support being decrypted, and I generally just recommend people bypass decryption for this traffic. Apple does a really good job publishing the exceptions that you need to create HERE
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!