My WSA appliances can service http/https traffic when configured in explicit forward mode (no WSA https proxy enabled).
However I am unable to get Transparent mode https redirection to work unless I enable https proxy mode on the WSA.
An ASA is doing the WCCP redirection for http/https traffic. It appears that http redirection works as expected.
Could somebody explain why http/https work in explicit proxy mode without https proxy enabled on the WSA and is there a way to get https rwccp redirection to work in Transparent mode without https proxy enabled.
So this is the one thing I have struggled with the WSA/ASA WCCP pair for a while. I recently found out that in the ASA WCCP implementation HTTPS DNS traffic is not forwarded to the WSA. Without the DNS information redirected the WSA is unable to filter or see the traffic for HTTPS. So this limitation is actually the ASA, and impacts any ASA WCCP compatible proxy solution.
There may also be a way to change this default ASA behavior.