Troubleshooting Tip: FortiGate=CN on 'Fortinet_Factory' local certificate prevents the FortiGate VM communicating with FortiManager
| Description | This article describes an issue where a FortiGate VM cannot connect with FortiManager when CN on the local certificate: 'Fortinet Factory' on the FortiGate is 'FortiGate' instead of the Serial Number of the FortiGate. |
| Scope | FortiGate, FortiManager. |
| Solution | Attempts to apply a new license with the correct CN fail, as shown below:
In the GUI:
In the CLI:
execute vm-license <token> This operation will reboot the system ! Do you want to continue? (y/n)y
The solution for this issue is to redeploy the VM.
After the VM is redeployed, the certificate will have the correct CN (which will be with the Serial Number of the FortiGate), and the FortiGate VM will be able to connect with FortiManager.
Note: The same behavior is noticed when connecting to FortiClient EMS, and the same solution is applicable. For more information, see Troubleshooting Tip: 'Issue sending initial FortiGate Serial Number' error when connecting to EMS Cloud.
If the FortiGate is a hardware model, see Troubleshooting Tip: Registering FortiGate HA cluster in FortiManager: Serial number mismatch inside FortiGate's certificate CN/SAN. |
