Chapter 2 Getting Started : Basic Administration : Configuration Backups : Backup and restore the local certificates
  
Backup and restore the local certificates
This procedure exports a server (local) certificate and private key together as a password protected PKCS12 file. The export file is created through a customer-supplied TFTP server. Ensure that your TFTP server is running and accessible to the FortiGate unit before you enter the command.
Backing up the local certificates
Connect to the CLI and use the following command:
execute vpn certificate local export tftp <cert_name> <filename> <tftp_ip>
where:
<cert_name> is the name of the server certificate.
<filename> is a name for the output file.
<tftp_ip> is the IP address assigned to the TFTP server host interface.
Restoring the local certificates - web-based manager
1. Move the output file from the TFTP server location to the management computer.
2. Go to System > Certificates > Local Certificates and select Import.
3. Select the appropriate Type of certificate and fill in any required fields.
4. Select Browse. Browse to the location on the management computer where the exported file has been saved, select the file and select Open.
5. If required, enter the Password needed to upload the exported file.
6. Select OK.
Restoring the local certificates - CLI
Connect to the CLI and use the following command:
execute vpn certificate local import tftp <filename> <tftp_ip>
See Also
Backup and restore a configuration file using SCP
Restoring a configuration
Configuration revisions