Staff

Technical Tip: FortiGate Certificate enrollment using SCEP does not support GOST 28147-89 cipher

Description

This article describes that GOST 28147-89 cipher is not supported and which cipher algorithms are supported.

Scope

FortiGate.

Solution

FortiGate Certificate enrollment method using SCEP only supports the following options:

CMP: Generate a certificate request over CMPv2. Key size - [1024, 1536, 2048, 4096].
EC: Generate an elliptic curve certificate request. Elliptic options - [ secp256r1, secp384r1 and secp521r1].
RSA: Generate an RSA certificate request. Key size - [1024, 1536, 2048, 4096].

Sign up