When configuring the Captive Portal Comfort Page (Device > Response Pages), the configured response page is not presented to the user when visiting encrypted (SSL) sites.
The Palo Alto Networks firewall looks for the HTTP GET in order to present the Captive Portal comfort/response page. The firewall cannot see the HTTP GET for the HTTPS traffic unless it is decrypted.
Note: GET is an HTTP protocol that supports several request methods that can be used while sending an HTTP or HTTPS protocol request.
Decrypt the HTTPS traffic to see the Captive Portal Comfort Page. For steps on how to decrypt the traffic, reference the following document: How to Implement SSL Decryption.
Troubleshooting Captive Portal Redirect Page Issues