Don't use 5.6 at all. its a pathetic release with poor QA job. If you are in NGFW mode in 5.6 then you are more affected as there can be only a single SSL inspection profile and that will be applied to all the firewall rules, so how great is that.
actually I don't know what you guys have configured... 5.6.3 has some minor troubles here and there, but ssl inspection are doing their job (knowing that from quite some amount of boxes for a lot of customers...)
For NGFW firewall mode:
- Before using that, please get into the concepts first. NGFW mode is intended to MAINLY USE DEEP INSPECTION!
- If you complain, there is only one profile to select - think about why! The firewall needs to re-evaluate sessions after an application detection has happened. therefore it just cannot switch ssl profiles all the time, while processing traffic.
- If you are not fine with that - then NGFW mode might not fit your requirements - or your concept of using seems to go wrong.
And somehow offtopic - Providing some details on the running configuration and the troubles you run into, will help you to receive some support from others here.