My mistake, didn't explain well. I have tried to do this in URL filter and contend filter but without success. But now, I see that it works but only if I enable SSL - deep-inspection. But "deep-inspection" gives me problems too.
When using a webfilter with certificate inspection, FortiGate applies an action depending on the category of the website a user is trying to access.
If the site you're trying to reach is categorized as blocked, FortiGate will try to display a blocked page.
In your situation, FortiGate will try to show you a blocked page but you get an untrusted certificate > It's FortiGate trying to get you to show the blocked page instead of your website.
The problem is that everything is HTTPS, and HTTPS can't be broken without a deep inspection profile. So you get the result you described, but normally you don't have the option to skip the warning (the proceed button at the bottom shouldn't appear).
For the version, I recommend v7.0.11 for prod and v7.2.4 for lab.
You can typically block specific pages using a web filter by configuring URL filtering rules. In this case, you can create a rule that targets URLs containing "/contact" or "/contact.aspx" and set it to be blocked. The exact steps to do this may vary depending on the Latest specific web filter or firewall solution you're using. It's best to consult the documentation or support resources for your web filter system to get detailed instructions on how to set up such rules.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.