Note: FortiWeb may require you to provide certificates and CRLs even if your web sites’ clients do not use SSL/TLS to connect to them.

For example, when querying an authentication server via LDAPS, FortiWeb will validate the LDAPS server’s certificate by comparing the server certificate’s CA signature with the certificates of CAs that are known and trusted by the FortiWeb appliance. See “Trusted CA certificates” and “Revoking certificates”.