Don't think I can do it on a "per host" basis, at least not easily. We don't track the OCSP/CRL endpoints for all the external CAs, and a single issuer could even have multiple.
However, if the "default" doesn't apply to the route...Could I just set the "default proxy" to our outbound one and then on all the routes have it set for "Do not use an HTTP proxy"? Missed this statement on the Docops 'The HTTP options do not apply to HTTP routing, only to other HTTP(S) connections."....so that might work; Guess it would still send out LDAP queries etc via that proxy.
The ultimate goal is to limit what outbound goes through that proxy. So how about going the other direction then. We know what SQL/LDAP hosts would be and that's static, well defined hostnames.
Something like:
Default HTTP Proxy = set for our outbound public proxy
LDAP Hostname = No Proxy
SQL Hostname = No Proxy
Seems like that might work?