Technical Tip: How to disable mTLS temporarily

Enter the following commands in the CLI to disable mTLS (Mutual Transport Layer Security) authentication on the FortiGate:

config authentication scheme
    edit "mtls"
        set method cert
        set user-cert disable
    next
end

config authentication rule
    edit "mtls"
        unset active-auth-method
    next
end

config authentication setting
    unset user-cert-ca

end

Disabling mTLS authentication means clients will no longer need certificates to connect securely. Ensure the change is consistent with the security standards of the organization.