If a user goes to an HTTPS site, it doesn't automatically come up with a Fortigate blocked this website warning. The user has to click the site not secure warning, then it shows it. Is there something I haven't set up correctly?
That looks like you are using the Fortinet default certificate or some other Certificate Authority that is not trusted by browsers by default.
To inspect and block HTTPS you must do something like a man in the middle. You need to decrypt the traffic, look at it, and re-encrypt it to deliver it. And you cannot do that with the certificate originally used because you don't have the key.
Also, if the blocking page is delivered via HTTPS, the FortiGate will have to encrypt it with a certificate.
So you either need to install a trusted certificate onto your Fortigate to use it for encryption or you have to make your browser trust the existing one.
--
"It is a mistake to think you can solve any major problems just with potatoes." - Douglas Adams
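
The trust problem described in the reply above, modelled offline with `openssl` as an added example that is not part of the original posts and does not touch a FortiGate. The CA name, host name and file paths are constructed placeholders: a self-signed CA stands in for the firewall's signing certificate, and the leaf it signs stands in for what the browser receives.

```bash
#!/bin/sh
# Constructed lab model of deep inspection: a leaf certificate re-signed by an
# inspection CA verifies only for clients that trust that CA.
# All names (Example Inspection CA, www.example.test) are hypothetical.
set -eu
WORK="$(mktemp -d)"
trap 'rm -rf "$WORK"' EXIT

cat > "$WORK/ca.cnf" <<'EOF'
[req]
distinguished_name = dn
x509_extensions = v3_ca
prompt = no
[dn]
CN = Example Inspection CA
[v3_ca]
basicConstraints = critical,CA:TRUE
keyUsage = critical,keyCertSign,cRLSign
EOF

# Stand-in for the firewall's signing CA (self-signed, unknown to browsers).
openssl req -x509 -new -newkey rsa:2048 -nodes -days 1 -config "$WORK/ca.cnf" \
  -keyout "$WORK/ca.key" -out "$WORK/ca.pem" 2>/dev/null

# Stand-in for the certificate the client receives for the site it asked for.
openssl req -new -newkey rsa:2048 -nodes -config "$WORK/ca.cnf" \
  -subj "/CN=www.example.test" \
  -keyout "$WORK/leaf.key" -out "$WORK/leaf.csr" 2>/dev/null
openssl x509 -req -in "$WORK/leaf.csr" -CA "$WORK/ca.pem" -CAkey "$WORK/ca.key" \
  -CAcreateserial -days 1 -out "$WORK/leaf.pem" 2>/dev/null

# Print the issuer name the client would see on the presented certificate.
issuer_of() { openssl x509 -in "$1" -noout -issuer -nameopt RFC2253; }

# Exit 0 if $1 verifies using only the CA bundle in $2 (no trust at all if omitted).
verifies() {
  if [ -n "${2:-}" ]; then
    openssl verify -no-CApath -CAfile "$2" "$1" >/dev/null 2>&1
  else
    openssl verify -no-CAfile -no-CApath "$1" >/dev/null 2>&1
  fi
}

echo "issuer seen by client: $(issuer_of "$WORK/leaf.pem")"
if verifies "$WORK/leaf.pem"; then r=accepted; else r="rejected (browser warning)"; fi
echo "client without the CA installed: $r"
if verifies "$WORK/leaf.pem" "$WORK/ca.pem"; then r=accepted; else r=rejected; fi
echo "client with the CA installed:    $r"
```

Checking the issuer on the warning page in the same way shows which CA the client is missing.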