I was having some trouble with SSL decryption on my chromebooks and after a bit of Google searching I came across this Google article and I wanted to share with others since there was nothing like this in the community. If I didn't exclude these when my chromebook booted I would just end up with a blank box and you could not login or anything. You only option was to power off. This fixed my problems.
https://support.google.com/chrome/a/answer/6334001
For Chrome devices to work on a domain with SSL inspection, some host names need to be exempt from inspection. This is because certificates can only be imported at the user level and are only honored for user-level traffic. Some device-level traffic doesn’t use the SSL certificate to protect users against certain kinds of security risks.
To ensure that Chrome devices work with SSL inspection, you need to whitelist the following host names on your proxy server. For details on how to whitelist host names, check with your web filter provider.
Updates
Dec 2 2015: Added host names to whitelist for single-app kiosk devices.
Aug 5 2015: Added accounts.gstatic.com.
Host name whitelist for all Chrome devices
accounts.google.com accounts.gstatic.com accounts.youtube.com clients1.google.com clients2.google.com clients3.google.com clients4.google.com commondatastorage.googleapis.com cros-omahaproxy.appspot.com dl.google.com dl-ssl.google.com gweb-gettingstartedguide.appspot.com m.google.com omahaproxy.appspot.com pack.google.com safebrowsing-cache.google.com safebrowsing.google.com ssl.gstatic.com storage.googleapis.com tools.google.com www.googleapis.com www.gstatic.com
Host name whitelist for single-app kiosk devices
If you use single-app kiosk devices, whitelist the following host names in addition to the host names listed above:
cache.pack.google.com chrome.google.com clients2.googleusercontent.com lh3.ggpht.com lh4.ggpht.com lh5.ggpht.com lh6.ggpht.com
... View more