For better or worse(?), this is a consistent pattern in TLS as done by FortiGates.
You will see the same behaviour with admin GUI, SSL-VPN, captive portals, HTTPS-type server-load-balancing VIPs, ...
It doesn't technically break anything, which is, I assume, the reason why this has never been addressed.
[ corrections always welcome ]