In the digital age, the reliance on network communication for information exchange has surged, making encrypted network traffic a linchpin of secure digital interactions. However, while encryption safeguards data, it creates hurdles for network management and security surveillance. Conventional deep packet inspection (DPI) falters when faced with encrypted traffic, and existing studies in this area have drawbacks like reliance on trusted third parties and limited detection capabilities. To address these issues, we present a novel zero knowledge proof based encrypted traffic management( \(\mathbb {ZKP}\) - \(\mathbb {PET}\) ) scheme. By integrating a third-party verifier operating under the honest-but-curious (HBC) model, \(\mathbb {ZKP}\) - \(\mathbb {PET}\) establishes a trustless verification system that effectively and efficiently curbs metadata leakage. \(\mathbb {ZKP}\) - \(\mathbb {PET}\) is implemented with two applications: HTTP traffic blocking and blacklist management. For HTTP traffic blocking, the BTHP circuit is developed to extract version details from TLS traffic and verify compliance, enabling precise traffic control. In blacklist management, tailored extraction algorithms for DoT and DoH encrypted DNS traffic are implemented, and Merkle tree based membership proofs are utilized to decide whether to intercept traffic. Experimental evaluations demonstrate that \(\mathbb {ZKP}\) - \(\mathbb {PET}\) can efficiently enforce diverse network policies on encrypted traffic. It not only safeguards security and privacy but also exhibits outstanding performance, offering a dependable, efficient, and privacy-centric solution for encrypted network traffic management.