How to change FortiWeb's default certificate

The FortiWeb appliance presents its own HTTPS server certificate for secure connections (HTTPS) to the web UI. By default, A Fortinet factory certificate is used as the certificate (see How to offload or inspect HTTPS). To replace it with other certificates, here are the steps:

1.  Go to System > Admin > Certificates and select the Admin Cert Local tab.

To access this part of the web UI, your administrator's account access profile must have Read and Write permission to items in the Admin Users category. For details, see Permissions.

2.  You can click View Certificate Detail to view the selected certificate’s subject, range of dates within which the certificate is valid, version number, serial number, and extensions.

3.  You can click Edit Comments to make a comment to the selected certificate.

4.  To upload a certificate for replacing the Fortinet factory default certificate, click Import and configure the following settings:

Type Select type of the certificate you are uploading, PKCS12 Certificate or Certificate.
Certificate with key file
Select the certificate with key file from your local computer, if Type is specified as PKCS12 Certificate.
Certificate file Select the certificate file from your local computer, if Type is specified as Certificate
Key file Select the key file from your local computer, if Type is specified as Certificate
Password Enter password for the certificate.

5.  Click OK.

6.  Go to System > Admin > Settings, select the certificate from HTTPS Server Certificate (see Global web UI & CLI settings).