Decryption Rule Unsupported Features

RC4 cipher not unsupported
The Rivest Cipher 4 (also referred to as RC4 or ARC4 cipher is known to have vulnerabilities and is considered unsecure.
decryption policies identify the RC4 cipher suite as unsupported; you should configure the Unsupported Cipher Suite action in the decryption policies policy's Undecryptable Actions page to match your organization’s requirements. For more information, see Default Handling Options for Undecryptable Traffic.
Passive, inline tap mode, and SPAN interfaces not supported

TLS/SSL traffic cannot be decrypted on passive, inline tap mode, or SPAN interfaces.