Since June 1st you may notice that some websites (https) are not working anymore when Fortigate or the Palo Alto Networks Firewall is doing decryption or certificate inspection. Typically you are getting one of the following error messages:
This problem is caused by an expired CA certificate. You will find detailled information and possible workarounds in this PaloAltoNetworks Advisory and in this Fortinet KB article and of course in the Sectigo KB.
UPDATE: Palo Alto Networks has fixed the problem with PanOS 9.0.9 and 9.1.3 which has been released on June 25th, 2020.
Hope that helps.