If the old FortiGate is still up, you can grab the old CA certificate snippet from CLI: show full vpn certificate local Fortinet_CA_SSL
If not, grab the same object from its configuration backup (config vpn certificate local -> edit "Fortinet_CA_SSL" ...).
Then paste the entire config snippet into the CLI of your new FortiGate (including the encrypted private-key, password, and certificate fields). Note: I am not sure if the default CA is modifiable. Ff it is not, you may need to paste the old CA in with a different name (e.g. "Fortinet_CA_SSL_old") to avoid the name conflict. Afterwards you will need to edit your SSL inspection profiles and set them to use the old CA certificate.
[ corrections always welcome ]