This is probably due to a bug and Fortinet has distributed the following information to partners:
Access to Websites blocked using SSL inspection -Bug ID 750551
There appears to be an ongoing issue with the certificate chain of a root certificate authority (ISRG Root X1). This issue will affect all vendors of SSL-inspection products whether deep or just certificate inspection is in use.
This issue has been reported and we will keep you posted on the developments.
Currently, the workarounds are:
Make a backup. At the top right > click your profile > Config > backup
1. Use flow-based web filtering. Note: the firewall policy will need to be in flow-mode as well for this to work.
2. Alternatively in the SSL Inspection Profile > Invalid Certificate > "Custom" and Allow "Expired Certificate" in the interim. (This should be used with caution).
For more info, Please checkout the following links:
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.