0

The reason I ask is that, if one could do this, one could use the logs to find a list of HTTPS sites to white list by counting the number of visits prior to implementation. But something tells me that this isn't the case, given the fact that you can't block SSL traffic without some sort of MITM mechanism.

Is it possible to do this afterwards too? So a white list issue could be spotted early?

leeand00

1 Answer

1

I've done this on other platforms; it's SSL inspection. The SonicWall has an exemption list for SSL inspection; to populate this list with previously visited SSL hosts you would need to have configured auditing first. Normally what's white listed are your own hosts, and the SonicWall does MITM for all outbound SSL connections. To avoid SSL trust errors you will have to use a root CA issued certificate, or your local clients will need to be configured to trust the local CA. It can throw some errors with wget, curl etc. if you are using a certificate from a local CA. Compiling a white list might be a moot point, because even inside those sites they will be calling CSS elements from other SSL endpoints.

http://help.sonicwall.com/help/sw/eng/published/1340856662_5.9.0/DPI_Client_SSL/DPI_Client_Settings.htm#XREF_58686_Configuring_the

Sum1sAdmin
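
The visit counting the question describes, as an added example that is not part of the original posts: it tallies port-443 destinations from a connection log and separates exemption candidates from hosts that fall below the thresholds. The CSV layout, the sample rows, the function name and the thresholds are assumptions constructed for illustration; this is not SonicWall's log format.

```python
import csv
import io
from collections import defaultdict

# Constructed sample: a generic CSV connection log. NOT SonicWall's export
# format; map the column names to whatever your auditing actually records.
SAMPLE_LOG = """time,src,dst_host,dst_port
2024-05-01T09:00:01,10.0.0.11,intranet.example.com,443
2024-05-01T09:00:05,10.0.0.12,Intranet.Example.com,443
2024-05-01T09:01:10,10.0.0.13,intranet.example.com,443
2024-05-01T09:02:00,10.0.0.11,intranet.example.com,443
2024-05-01T09:02:01,10.0.0.11,static.cdn.example.net,443
2024-05-01T09:02:02,10.0.0.12,static.cdn.example.net,443
2024-05-01T09:02:03,10.0.0.12,static.cdn.example.net,443
2024-05-01T09:03:00,10.0.0.13,bank.example.org,443
2024-05-01T09:03:30,10.0.0.13,www.example.com,80
2024-05-01T09:04:00,10.0.0.14,updates.example.net,443
2024-05-01T09:05:00,10.0.0.14,updates.example.net,443
2024-05-01T09:06:00,10.0.0.14,updates.example.net,443
"""


def candidate_exemptions(log_text, min_visits=3, min_clients=2):
    """Return (candidates, below_threshold) as lists of (host, visits, clients)."""
    visits = defaultdict(int)
    clients = defaultdict(set)
    for row in csv.DictReader(io.StringIO(log_text)):
        if row["dst_port"].strip() != "443":
            continue  # only TLS traffic is subject to SSL inspection
        host = row["dst_host"].strip().lower().rstrip(".")
        if not host:
            continue
        visits[host] += 1
        clients[host].add(row["src"].strip())

    candidates, below = [], []
    # Most-visited first, ties broken by name so the output is stable.
    for host in sorted(visits, key=lambda h: (-visits[h], h)):
        entry = (host, visits[host], len(clients[host]))
        popular = visits[host] >= min_visits and len(clients[host]) >= min_clients
        (candidates if popular else below).append(entry)
    return candidates, below


if __name__ == "__main__":
    keep, review = candidate_exemptions(SAMPLE_LOG)
    print("exemption candidates:", keep)
    print("below threshold:", review)
```

In the sample, the asset host `static.cdn.example.net` is counted as its own destination, separate from the site that loads it, which is the answer's caveat about pages pulling resources from other SSL endpoints.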