This article explains the 'Force Certificate Inspection' option in FortiSASE Firewall Policy.
FortiSASE Firewall Policy Configuration.
Once this option is enabled, the Firewall policy will use 'Certificate Inspection' only and will not perform SSL deep inspection, even when SSL deep inspection is defined in Profile Group.
The below features will not work if 'Force Certificate Inspection' is ticked in the firewall policy:
If using the above feature, do not tick 'Force Certificate Inspection' in the Firewall policy.
This option can be ticked to surpass deep inspection for certain security-intensive traffic. For example, banking or financial sites (Banking websites may not allow deep inspection).
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.