Preventing certificate warnings (CA-signed certificate)
This example shows how to prevent users from receiving a security certificate warning when FortiGate performs full SSL inspection on incoming traffic. When you enable full SSL inspection, FortiGate impersonates the recipient of the originating SSL session and then decrypts and inspects the content. FortiGate then re-encrypts the content, creates a new SSL session between FortiGate and the recipient by impersonating the sender, and sends the content to the user. "Man-in-the-middle" attacks use a similar process which is why a user's device might show a security certificate warning.
When users receive security certificate warnings, they usually click Continue without understanding why the error occurs. To avoid encouraging this habit, you can prevent the warning from appearing in the first place.
For more information about SSL inspection, see Why you should use SSL inspection.