As a primer, the http-redirect option can be configured for HTTP Virtual Server objects (aka Virtual IPs of type server-load-balance) and allows the FortiGate to redirect client requests from HTTP to encrypted HTTPS (see also: HTTP to HTTPS redirect for load balancing).

However, while this option can be utilized for FortiGates/VDOMs operating in NGFW profile-based mode, it is not available when using NGFW policy-based mode:

FortiGate # config firewall vip
FortiGate (vip) # show
config firewall vip

    edit 'Test-443'

        set type server-load-balance
        set extip 10.1.1.1
        set extintf 'Internal'
        set server-type https
        set monitor 'Test-HTTPS'
        set ldb-method round-robin
        set extport 443
            config realservers

                edit 1

                    set ip 10.2.2.2
                    set port 443

                next
                edit 2

                    set ip 10.3.3.3
                    set port 443

                next

            end

    next

FortiGate (vip) # edit Test-443
FortiGate (Test-443) # set http-redirect enable
command parse error before 'http-redirect'
Command fail. Return code -61

The reason this occurs is because the http-redirect option is a proxy-based feature (i.e., traffic is redirected the the WAD-based proxy). Since NGFW is a purely flow-based mode of operation (e.g., using the IPS Engine), it is not possible to utilize the http-redirect function, and so it is unavailable to be configured.

Several other proxy-based config options are also unavailable when using Virtual Servers in NGFW policy-mode, including http-ip-header, h3-support, h2-support, persistence, and http-multiplex. Consider using NGFW profile-based mode instead if proxy-based Virtual Server functions are required.