we have currently multiple deployments with customers ongoing. Some of our customers also use the ZApp for iOS. Due to the high amount of Apps on iOS devices which are using certificate pinning or other mechanisms to protect the SSL connection, we try to avoid the SSL inspection completly for these devices types. Obviously this is not an option for all customers, so in this case we add every application which doesn’t work with SSL inspection to the exceptions (with destination domains). This leads to a high configuration workload and also deactivates the SSL inspection for this domains for our Windows clients.
Is there any better way to handle the SSL inspection here? What are the recommended settings for iOS devices?