Difference between revisions of "Fortinet firewall HTTPS certificate setup for VPN"

Latest revision as of 13:04, 7 April 2022

To setup recognized CA based HTTPS certificate for VPN in fortigate firewall use following steps:

Download CA certificate along with trust chain from CA website, email etc.
For example if certificate was signed from GoDaddy then open https://aboutssl.org/go-daddy-root-certificates/ and download Go-Daddy Root certificates from:
- https://certs.godaddy.com/repository/gd-class2-root.crt
- https://certs.godaddy.com/repository/gdroot-g2.crt
Open fortinet firewall admin console. Go to System-> Certificates
Using import CA import both the above certificates from local disk
Convert CA signed certificate to CER/PEM format (---BEGIN---)
For example for pfx to cert convert using:
openssl pkcs12 -in certificate.pfx -out certificate.cer -nodes
Import CA signed certificate using import local certificate. Change the type from 'Local certificate' to 'Certificate'. Choose the same CER/PEM file for both certificate and key, if they are both in the same file. Enter desired certificate name.
Go to VPN->Settings. Select new certificate and click Apply.
Try to open the URL with FQDN and verify that certificate is opening without any issue.

Refer:

@@ Line 1: / Line 1: @@
-<yambe:breadcrumb>Fortigate_firewall|Fortigate firewall</yambe:breadcrumb>
+[[Main_Page|Home]] > [[Enterprise security devices or applications]] > [[Fortigate firewall]] > [[Fortinet firewall HTTPS certificate setup for VPN]]
-=Fortinet firewall HTTPS certificate setup for VPN=
 To setup recognized CA based HTTPS certificate for VPN in fortigate firewall use following steps:
@@ Line 21: / Line 20: @@
 Refer:
 * https://www.sslshopper.com/ssl-converter.html
+[[Main_Page|Home]] > [[Enterprise security devices or applications]] > [[Fortigate firewall]] > [[Fortinet firewall HTTPS certificate setup for VPN]]