A new bug has been introduce in 22.214.171.124, 126.96.36.199, or 188.8.131.52 in relation to using the following CPL policy condition/actions:
http.response.apparent_data_type=(executable,cabinet), detect_protocol(none), or detect_protocol.ssl(no)
If you are using this policy in an explicit deployment under 184.108.40.206, 220.127.116.11, or 18.104.22.168, then HTTPS or HTTP pages may be inaccessible.
This policy is also automatically created when enabling 'Malware scanning' under:
Configuration--> Threat Protection --> Malware scanning.
Possible work-arounds to the problem are:
1) Upgrade to SGOS 22.214.171.124
1) Remove any apparent data type policies
2) Disable Malware scanning
3) Revert back to a previous version of SGOS
4) Enable protocol detection for affected sites (sites that require protocol detection to be disabled may still fail)
This has been raised internally under bug :
Bug 175814 - cannot access HTTPS sites with http.response.apparent_data_type policy under explicit deployment.
This bug has been fixed and is expected to be included in the next GA release of each affected SGOS branch (no ETA at this time).