I had a similar issue but not on microsoft.com with FortiOS 6.2.8 and 6.4.7.
As you, I used the SSL deep inspection and I added a lot of exempts for a workaround.
Recently, after reading the 6.4.8 release notes I saw the bug ID 750551 DST_Root_CA_X3 certificate is expired.
I upgraded in 6.4.8 and the issue was solved. I removed the added exempts.
I am really not sure this certificate is used by Microsoft. It is particularly by Let's Encrypt.
You already use the last version in 6.0 branch but nothing related to this bug on the release notes.