Please see the attached.
This message appears with websites that I have blocked.
Thanks for your help.
Solved! Go to Solution.
When a secure website is blocked the Fortigate must present the blocked page message using its own certificate which the browser of course does not trust and therefor eyou get the certificate warning.
Hi Miata,
you must set the https-replacemsg option in your webfilter profile to disable (via CLI)
You can find the info here:
http://docs.fortinet.com/...tebook-and-tech-notes#
When a secure website is blocked the Fortigate must present the blocked page message using its own certificate which the browser of course does not trust and therefor eyou get the certificate warning.
Thanks for your reply.
But what if the user adds an exception. Can they still access the website? Is there anyway they can access the website from this message?
If the user adds the exception (trust the invalid certificate) then it should display the fortigate blocked page message.
Also, is there a way to bypass this?
Depends what you want to bypass...
If you want to be presented with the block page, but still navigate to the page, you can set the category action to Warning or Authenticate. If you want to bypass certificate errors and block pages entirely, in OS 5.2 you can exempt FQDN address objects or FortiGuard categories from deep inspection in the SSL/SSH Inspection Profile.
Regards, Chris McMullan Fortinet Ottawa
Thank you very much for your help.
Thank you very much for your help.
Since you're clearly using Firefox, don't forget (easy mistake) that FireFox doesn't use windows store for certificates.
In other words, you can push the certs by GPO for IE, but Chrome and FF require installation into their specific keystores.
If you want to see if its a problem with your intermediary - browse to the page, get past the warning, then view the certificate from the toolbar. You can see what signed the certificate, to determine its the one presented by the firewall, or your attempt to Trust a root CA that is getting you the cert error.
FCNSP
-------------------------------------
"They have us surrounded again, those poor bastards."
-Unnamed Medic
 
					
				
				
			
		
| User | Count | 
|---|---|
| 2678 | |
| 1412 | |
| 810 | |
| 703 | |
| 455 | 
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2025 Fortinet, Inc. All Rights Reserved.