This is not due to a bug or a misconfigured ProxySG.
The following article gives a good step-by-step approach to working round this issue. However, it is not possible to work around this issue without an SSL license:
Getting HTTPS exception pages working using newer web browsers
If the preceding article does not prove helpful, then the following two workarounds, which require SSL interception to be enabled, will work in some circumstances:
The first possible solution, which requires enabling SSL interception is:
- ALLOW all CONNECT requests. Deny anything that isn't SSL (for security).
- Enable SSL interception on these CONNECT requests.
The second possible solution, which also requires enabling SSL interception is to replace any "Deny" actions in the Web Access Layer for HTTPS sites with "Notify User" actions. The "Deny" action will return an exception which uses HTTP 403 responses. These are rejected by recent browsers as discussed above. Notify User actions instead use HTTP 200 responses, so browsers will happily accept this and display the message to the client.