Traditionally, the Policy Service and the Client filter have had opposing decryption rules. However, as of Client Filter version 9.x the method for decryption within the client filter to align both sets of rules.
So going forward, allow/deny decryption rules will be configured the same, whether they're being added to you Policies or your Client Filter Exceptions List.
In versions 8.30 and below, to disable decryption for a URL, it needs to be set as ‘Block Always’
As of version 9.x, the entry to disable Decryption will be same as the Allow Rule in Webadmin. (Allow).
In the Client Filter> Filter Settings> Filtering Exceptions, the URL will show up as below
where ‘-‘(dash) indicates the initial list and ‘U’ indicates the URL entry type. The ‘U A’ indicates URL allow action which is same when you export a list into the Webadmin.
If you have questions about this, please reach out to email@example.com