nnair
Staff
Article Id 416822
Description

This article describes why users face issues when accessing HTTPS websites after migrating from one FortiGate to another while Deep Inspection is in use.

Scope

FortiGate.
Solution

When the configuration is migrated from one FortiGate to another, the default certificates are not carried over.

For example, the built-in 'Fortinet_CA_SSL' certificate, which is the default for the Deep Inspection profiles, will always be the one included or generated by the device itself.

If the old CA certificate was imported onto a user's device for Deep Inspection, the new certificate will no longer match, and the user will get a certificate error when visiting an HTTPS web page.

To resolve this, navigate to the Deep Inspection profile in use and re-import the CA certificate onto each user's device.

Specific steps for this can be seen here:

Technical Tip: How to enable deep inspection and import a certificate in the browser
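
The mismatch described above can be reproduced offline with the `openssl` CLI. This is an added example, not part of the original article or any Fortinet tooling: the names `Demo_CA_SSL`, `old_fgt`, `new_fgt` and `www.example.test` are constructed, and giving both CAs the same subject is an assumption made to show that only the fingerprint distinguishes them.

```shell
# Constructed demo: two throwaway CAs stand in for the built-in deep-inspection
# CA of the old and the new FortiGate. No FortiGate is contacted.
set -e
D=$(mktemp -d)

# Assumption: both CAs get the same subject, so only the key pair differs.
cat > "$D/ca.cnf" <<'EOF'
[req]
distinguished_name = dn
x509_extensions = v3_ca
prompt = no
[dn]
O = Example
CN = Demo_CA_SSL
[v3_ca]
basicConstraints = critical,CA:TRUE
keyUsage = critical,keyCertSign,cRLSign
EOF

# make_ca NAME: self-signed CA with a fresh key, as each device generates its own.
make_ca() {
    openssl req -x509 -new -newkey rsa:2048 -nodes -days 30 -config "$D/ca.cnf" \
        -keyout "$D/$1.key" -out "$D/$1.pem" 2>/dev/null
}

# ca_subject / ca_fp FILE: the name a person reads vs. the value that identifies the cert.
ca_subject() { openssl x509 -in "$1" -noout -subject; }
ca_fp()      { openssl x509 -in "$1" -noout -fingerprint -sha256 | cut -d= -f2; }

# client_trusts CAFILE LEAF: succeeds only if LEAF chains to the CA the client imported.
client_trusts() { openssl verify -CAfile "$1" "$2" >/dev/null 2>&1; }

make_ca old_fgt   # CA users imported before the migration
make_ca new_fgt   # CA present on the replacement unit

# The new unit re-signs a site certificate during deep inspection (constructed leaf).
openssl req -new -newkey rsa:2048 -nodes -config "$D/ca.cnf" -subj "/CN=www.example.test" \
    -keyout "$D/leaf.key" -out "$D/leaf.csr" 2>/dev/null
openssl x509 -req -in "$D/leaf.csr" -CA "$D/new_fgt.pem" -CAkey "$D/new_fgt.key" \
    -CAcreateserial -days 30 -out "$D/leaf.pem" 2>/dev/null

echo "old subject: $(ca_subject "$D/old_fgt.pem")"
echo "new subject: $(ca_subject "$D/new_fgt.pem")"
echo "old sha256:  $(ca_fp "$D/old_fgt.pem")"
echo "new sha256:  $(ca_fp "$D/new_fgt.pem")"
client_trusts "$D/old_fgt.pem" "$D/leaf.pem" && echo "old CA: trusted" || echo "old CA: certificate error"
client_trusts "$D/new_fgt.pem" "$D/leaf.pem" && echo "new CA: trusted" || echo "new CA: certificate error"
```

After a migration, the same fingerprint comparison can be applied to the CA certificate file held on a client and the one taken from the Deep Inspection profile in use.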