This is not correct. RFC specify that the chain should be included while
the root ca should not. Also ssl labs check shows an error if the root
ca is sent by the server. So the Fortigate that is acting as an SSL
Server must complain to the RFC
Hi, you can ask Fortinet to check if you have some doubt. These are two
guides to open a ticket for Integrity
verification:https://community.fortinet.com/t5/FortiGate/Technical-Tip-Collect-Indicators-of-Compromise-IoC-debugs-on-a/ta-p/330629https://c...
