When going to sites using AddTrust External CA Root and UserTrust_RSA, while going through a SSLV the session may get resigned by an untrusted certificate due to a certificate chain validation error.
SSLV inspecting traffic with certificate validation enabled.
AddTrust CA Root and UserTrust_RSA certificate expired on May 30th, 2020. Investigating possible issue with handling of cross-signed certificates.
A new trust package was released on June 2, 2020 that removes the expired certificates. Download the new trust package from the SSLV UI under PKI -> External Certificate Authorities -> Trust Package Update Status.
If updated successfully the following message will be displayed, "Updated with new package".
To verify which certificates were removed navigate to Monitor -> System log and search for "download_trust" by clicking on the magnifying glass.