Technical Tip: Change form-based authentication certificate.

Description
This article describes how to change form-based authentication captive portal certificate.

Solution
On FortiProxy, the settings in the '# config user setting' are used for the authd process, which is not used by proxy features.
The related settings will be in the '# config web-proxy global'.

# config web-proxy global
    set ssl-ca-cert <certificate name>
end

The certificate of form-based authentication captive portal must be a CA certificate (CA=TRUE). 

In case the traffic is already matched policy and the policy has the SSL profile, then SSL profile's ca-cert will be used instead of the default ca-cert configured under 'config web-proxy global'