Testing PKI authentication
Use this procedure to test whether PKI authentication is working properly.
To test PKI authentication
1. From a client browser that has been configured for PKI authentication, enter the URL of the webmail server.
2. Verify that a Confirm Certificate prompt appears.
3. If the
Confirm Certificate prompt appears, select
OK and go to step
5.
If the certificate confirmation prompt does not appears, it might be because the FortiMail HHTP server has not yet loaded the new settings. Enter the following CLI command to manually enforce a reload of the configuration.
exec reload
4. Return to step
1 and try the URL again.
5. The user is automatically logged on. The FortiMail webmail account and all appropriate folder appear in their browser.
This confirms that the certificate bound to the end-user browser is valid, and that PKI authentication is working properly.
All users and administrators configured for PKI authentication can now log in to FortiMail without password.