Certificate policy

Hi,

I was wondering, maybe someone figured this out. I have a setup where fortigate co-exist with proxy. Problem is, proxy doesnt catch traffic from some certificate signing software. When that soft wants to sign or check some docs, it reaches to various https sources, eg. digicert and so on, to verify cert chains. Is there some clever way recognize this traffic. Right know basicly I need to pass https traffic anyway, because theres always some website not in those i catch via logs and add to special dedicated policy.

I saw some OCSP from globalsign and digicert options in internet databse, but thats just scratching the surface.