For now I just need to make sure the following scenario is completely feasible through a Fortigate with FortiOS version 7.0.X with no FortiWeb, other services like TMG, Nginx Reverse Proxy, etc. And if yes, a few general guides to accomplish it.
There is an internal HTTP published site. Internet (external users) are accessing it and the web server cannot service HTTPS requests because of some limitations. So, to make it a little more secure, We're going to:
1- Receive HTTP requests from the external clients and redirect it to HTTPS. (Return the request to the originating client and ask to use HTTPS instead)
2- Get an SSL certificate from a third party with the internal site name on it and install it on the Fortigate so the connection from external client is established to the device by HTTPS with no error or warning.
3- Send the HTTPS received request downside to the internal server using HTTP, getting the answer and return it to the outside client on HTTPS.
Is that all possible without a device such as FortiWeb? Any better idea or consideration maybe?
But please make me sure that the first part (Redirect outside client HTTP request to HTTPS is also feasible cause I think the document you shared is about the SSL offloading (i.e. Process SSL (HTTPS connections) on the firewall itself and send them downstream to HTTP servers)
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.