Created on
07-14-2009
02:52 PM
Edited on
02-25-2025
12:11 AM
By
Jean-Philippe_P
Description
This article describes the basic steps needed to enable this feature.
FortiOS versions 4.0 MR3, 5.0.x, and higher include a deep scanning option that supports scanning encrypted protocols when used with Anti Virus and Webfilter Profiles. To run this security information, server and client certificates must be obtained.
Scope
FortiOS firmware versions up to the latest branch 7.6.
Solution
FortiOS firmware version 4.0 MR3:
Go to Policy -> Protocol Options -> HTTPS -> Deep Scan -> Enable and select Apply to save the changes.
To avoid the warning message that pops up in the browser when using a custom certificate, a key, and a password will need to be loaded onto the FortiGate, and a certificate will have to be loaded into the PC's web browser.
Related articles:
Troubleshooting Tip : Verifying server certificate on SSL Inspection
Technical Note: FortiGate HTTPS web URL filtering and HTTPS FortiGuard web filtering
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2025 Fortinet, Inc. All Rights Reserved.