List of domains to bypass apps for SSL Interception

Updated 2 days ago by admin

If you intend to bypass an app from SSL Interception, you will lose all visibility of that app in the App Analyse report. For some apps, this is the only option to allow them to work.

Add the following domains for the chosen app to a Bypass Category using the Bypass Domain for SSL Interception bypass type, and ensure the category is active in your Gateway Configuration Profile.

Instead of bypassing, you can encourage users to use the web browser on their mobile device or desktop computer to access the web version of the app.

App

Device / OS

Domain(s)

Bypass Type

Facebook

Android & iOS

facebook.com

fbcdn.net

Bypass destination domain for SSL Interception

Twitter

Android & iOS

twitter.com

twimg.com

Bypass destination domain for SSL Interception

YouTube**

Android & iOS

youtube.com

m.youtube.com

Bypass destination domain for SSL Interception

NatWest*

Android & iOS

natwest.com

Bypass destination domain for SSL Interception

Nationwide*

Android & iOS

nationwide.co.uk

Bypass destination domain for SSL Interception

Lloyds Bank

Android & iOS

lloydsbank.co.uk

Bypass destination domain for SSL Interception

Strava

Android & iOS

strava.com

Bypass destination domain for SSL Interception

American Express*

Android & iOS

americanexpress.com

Bypass destination domain for SSL Interception

Monzo*

Android & iOS

monzo.com

Bypass destination domain for SSL Interception

Paypal*

Android & iOS

paypal.com

Bypass destination domain for SSL Interception

Santander*

Android & iOS

santander.co.uk

Bypass destination domain for SSL Interception

Revolut

Android & iOS

revolut.com

Bypass destination domain for SSL Interception

EE

Android & iOS

ee.co.uk

Bypass destination domain for SSL Interception

BT Sport

Android & iOS

sport.bt.com

Bypass destination domain for SSL Interception

Arlo

Android & iOS

arlo.com

Bypass destination domain for SSL Interception

Outlook App

Android & iOS

office365.com

office.com

Bypass destination domain for SSL Interception

Apple App Store

iOS

mzstatic.com

apple.com

itunes.com

Bypass destination domain completely

*Recommend enabling the Bank SSL Bypasses default category.

**This bypass was not required during the last testing of the application - December 2020.


How did we do?