execute : vpn certificate local import
 
vpn certificate local import
Use this command to import a local certificate to the FortiGate unit from a TFTP server.
Digital certificates are used to ensure that both participants in an IPSec communications session are trustworthy, prior to an encrypted VPN tunnel being set up between the participants. The local certificate is the certificate that the FortiGate unit uses to authenticate itself to other devices.
 
VPN peers must use digital certificates that adhere to the X.509 standard.
Digital certificates are not required for configuring FortiGate VPNs. Digital certificates are an advanced feature provided for the convenience of system administrators. This manual assumes the user has prior knowledge of how to configure digital certificates for their implementation.
Syntax
execute vpn certificate local import tftp <file‑name_str> <tftp_ip>
 
Variable
Description
<certificate‑name_str>
Enter the name of the local certificate.
<file‑name_str>
Enter the file name on the TFTP server.
<tftp_ip>
Enter the TFTP server address.
Example
Use the following command to import the signed local certificate named branch_cert to the FortiGate unit from a TFTP server with the address 192.168.21.54.
execute vpn certificate local import branch_cert 192.168.21.54