1) Import the server certificate.
Go to System - > Certificates and select Create/Import - > Certificate
2) Configure the Virtual Server.
Go to Policy & Objects - > Virtual Servers and select 'Create New'.
Virtual Server configuration
Note: In SSL-offloading choose the imported certificate.
3) Configure the SSH/SSL profile
Go to Security Profiles - > SSL/SSH Inspection and select 'Create New'.
SSL/SSH profile configuration
Note: 'Inspect All Ports' should not be set as the port for this setup is already known and it may lead to a performance degradation.
4) Configure policy
Go to Policy & Objects - > Firewall Policy and select 'Create New'.
Note: Inspection mode must be set to proxy, otherwise the Virtual server will be filtered out in the 'Destination' field.
Related KB article:
Technical Tip: Configure virtual server