The CA certificate used for policy authentication can now be configured, instead of being restricted to the built-in Fortinet certificate. By doing this, the authenticated user can be presented with a certificate that is already trusted by their browser and certificate errors can be avoided.