Import the SSL certificate into FortiOS

Chapter 4 Authentication : Certificate-based authentication : Example — Generate an SSL certificate in OpenSSL : Import the SSL certificate into FortiOS

To import the certificate to FortiOS- web-based manager

1. Go to System > Certificates > Local Certificates.

2. Select Import.

3. Select Certificate for Type.

Fields for Certificate file, Key file, and Password are displayed.

4. For Certificate file, enter c:\OpenSSL-Win32\bin\fgtssl.crt.

5. For Key file, enter c:\OpenSSL-Win32\bin\fgtssl.key.

6. For Password, enter the PEM Pass Phrase you entered, such as fortinet.

7. Select OK.

The SSL certificate you just uploaded can be found under System > Certificates > Local Certificates under the name of the file you uploaded — fgtssl.

To confirm the certificate is uploaded properly - CLI

config vpn certificate local

edit fgtssl

get

end

The get command will display all the certificate’s information. If it is not there or the information is not correct, you will need to remove the corrupted certificate (if it is there) and upload it again from your PC.

To use the new SSL certificate - CLI

config vpn ssl settings

set servercert fgtssl

end

This assigns the fgtssl certificate as the SSL server certificate. For more information see the FortiOS Handbook SSL VPN chapter.