The KB describes the steps to troubleshoot the SSL/TLS intercepting issue when the Edge SWG proxy is configured to intercept the web traffic for particular web site, however users are seeing original web site certificate.

Transparent proxy deployment.  

Troubleshooting steps:

1. Run developer tools. Add protocol column under the networking section to make sure H3 protocol is not in use. If this is the case, disable QUIC in the browser as it's not fully supported. Use KB as a reference. 

2. Under the networking section, verify that domain name is correctly resolved and the remote address is indicating the right IP address.

3. Run packet capture on the client machine (using Wireshark as an example)  and Edge SWG Proxy simultaneously to make sure client traffic is hitting the proxy.

4. Make sure destination host or IP is not added to the static bypass list on the Edge SWG.

5. Run policy trace to make sure TLS/SSL inspection rule is applied for the affected destination.