Again, new version, new bugs. As always. Again I'm disapointed.
I don't think that it was tested at all.
For me it is even more annoying, because I have FG 500E, probably first device in Poland. And 5.6.3 is the first firmware from 5.6 tree, I can't downgrade even if I would want. Another thing, 500E doesn't have internal hard disk and can log only to FAZ, but current GA FAZ release 5.6.0 doesn't cooperate with 500E :D
We switched the webfilter profiles also into flow-mode but not helped.
As SSL inspection is certificate inspection it should not throw any ssl related messages when the category is pass or monitor.
You can disable HTTPS replacement messages per profile in CLI.
Regarding flow mode - as far as I've tested, since 5.4 flow/proxy setting per profile unfortunately doesn't work anymore, you have to set whole firewall or VDOM to flow inspection mode. You shouldn't get any replacement message in flow mode though.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.