XG450 public certificate uploaded but unable to make it default for web policy

Question

we have XG 450 firewall. have purchased public certificate from CA and uploaded successfully but default web policy for HTTPS scan isn't redirecting to that certificate and any browsing is giving certificate error. 
 Please advise where to choose uploaded public certificate so XG450 can use that CA to clear that web surfing error. 
 
 thank you so much.

LuCar Toni · Answer

You cannot bought a CA for HTTPs Scanning. 
 This KBA explains the reason for this "limitation". 
 https://community.sophos.com/kb/en-us/132997 
 Section: Can I purchase a Certificate Authority that allows Decrypt and Scan without needing to deploy anything to clients?