Uploading a certificate for deep inspection mode
By default, you can download the certificate authority (CA) certificate of the FortiSASE CA, Fortinet_CA_SSL, who signs the certificate used in encrypting SSL connections when performing deep inspection. If desired, you can upload a custom CA certificate and key to perform deep inspection.
To upload a certificate for deep inspection mode:
- Go to Configuration > Security.
- At the top of the security profile group page, in the SSL Inspection section, click Customize.
- Enable Deep Inspection.
- From the CA Certificate dropdown list, select + to import a new local CA certificate and key for use with deep inspection.
- Configure the fields and upload the certificate and key files as needed.
- Click OK.