Hey mate,
I wanted to tell you something else, just my own experience, as well as one customer I worked with for https inspection. So, when I tested this in the lab (R80.40, R81.10 and R81.20), I would simply install https inspection cert generated (follow on screen prompt) and it would work without any issues. Customer first tested it on one machine and had problem, so he reinstalled the cert and placed it in trusted root and worked fine. Then they tried few machines and some worked okay, some did not, following exact same process.
They had Trend Micro before going with CP, told me they never had this sort of problem, but turns out after they upgraded their environment to R81.10, all just worked fine. So, I would say if you have cert in trusted root, thats 100% correct.
Cheers,
Andy