> whose certificate authority it does not recognize as bona fide
That's a very strange criteria; do you mean that anything that would have been a certificate error gets MITMed instead, rather than rejected? Very strange.
Not just the self-signed ones - also some others... I wonder what the whitelist is. The proxy is the infamous McAfee Web Gateway - I don't know if the list is user-maintained or supplied by the vendor.