Need to enable Deep inspection for SSL VPN traffic

Hi,

We are using SSL VPN for our client. There is a requirement from client to scan SSL traffic. We have installed third party CA certificates on Fortigate and Load balancer for SSL traffic. To enable deep inspection , we need to select certificate inspection.

But there is no option to select third party CA in deep inspection policy. When i contacted TAC for this, they said that we need to select certificate which is signed by CA server. But in that certificate CA value is False but TAC said value should be CA:true in order to select this certificate in deep inspection policy. I contacted CA vendor also, as per them whenever any CSR is signed by them CA value is always False.

Can anyone tell me how can i achieve this requirement by client.

Thanks & Regards,

Ashish