tls verification errors must be logged
As long as you open a https page via browser you may see that there is an ssl verification error and xg did block traffic.
as tls verification is also implemented in FTPS (Scan FTP for Malware) you wont get any message on fails, you just can imagine that traffic won't pass because of an tls error.
same if https is use by applications e.g. internal software updates
Version 18 has a new SSL/TLS decryption engine that provides much more log informatino about success or failure of SSL/TLS connections