SSL (one time) error using Webfilter and Certificate Inspection
We are using a FortiGate 200E here, and this problem began after our last upgrade, we went from version 6.0.11 to 6.2.7.
As soon as we try to enable Web filtering, first connexion to a website throws an error in the web browser, complaining about the fortigate issuing the certificate. But if we hit reload on the page, the connexion works perfectly. Acces to the site is then possible for some hours, and, after a while, the same error occurs -> 1 time forti CA issuer, hit reload, and it works fine...
All websites are subject to this error : google, any media, even fortinet.com and this forum
I've been trying quite a few things to see what would cause the problem :
- With the SSL inspection "default" or or a "custom" certificate-inspection , result is the same
- without webfilter, no error when accessing a new web site.
- Without Webfilter, I can add any default security profile, no error.
The fortigate mode is "profile-based", no central SNAT, no VDOM.