Fortinet firewall HTTPS certificate setup for VPN

From Notes_Wiki
Revision as of 13:04, 7 April 2022 by Saurabh (talk | contribs)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

Home > Enterprise security devices or applications > Fortigate firewall > Fortinet firewall HTTPS certificate setup for VPN

To setup recognized CA based HTTPS certificate for VPN in fortigate firewall use following steps:

  1. Download CA certificate along with trust chain from CA website, email etc.
    For example if certificate was signed from GoDaddy then open https://aboutssl.org/go-daddy-root-certificates/ and download Go-Daddy Root certificates from:
  2. Open fortinet firewall admin console. Go to System-> Certificates
  3. Using import CA import both the above certificates from local disk
  4. Convert CA signed certificate to CER/PEM format (---BEGIN---)
    For example for pfx to cert convert using:
    openssl pkcs12 -in certificate.pfx -out certificate.cer -nodes
  5. Import CA signed certificate using import local certificate. Change the type from 'Local certificate' to 'Certificate'. Choose the same CER/PEM file for both certificate and key, if they are both in the same file. Enter desired certificate name.
  6. Go to VPN->Settings. Select new certificate and click Apply.
  7. Try to open the URL with FQDN and verify that certificate is opening without any issue.


Refer:



Home > Enterprise security devices or applications > Fortigate firewall > Fortinet firewall HTTPS certificate setup for VPN