Obtaining and installing a signed server certificate from an external CA

Obtaining and installing a signed server certificate from an external CA

To obtain a signed server certificate for a FortiGate unit, you must send a request to a CA that provides digital certificates that adhere to the X.509 standard. The FortiGate unit provides a way for you to generate the request.

 

To submit the certificate signing request (file-based enrollment):

1. Using the web browser on the management computer, browse to the CA web site.

2. Follow the CA instructions for a base-64 encoded PKCS#10 certificate request and upload your certificate request.

3. Follow the CA instructions to download their root certificate and CRL.

When you receive the signed server certificate from the CA, install the certificate on the FortiGate unit.

 

To install or import the signed server certificate – web-based manager

1. On the FortiGate unit, go to System > Certificates > Import > Local Certificates.

2. From Type, select Local Certificate.

3. Select Browse, browse to the location on the management computer where the certificate was saved, select the certificate, and then select Open.

4. Select OK, and then select Return.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.