Technical Tip: Renew FortiProxy Built-In Certificates
| Description | This article describes how the built-in certificates in FortiProxy can be renewed |
| Scope | FortiProxy. |
| Solution | To renew the built-in certificates on FortiProxy on v2.0.X, refer to the commands below:
Fortinet_CA_SSL:
execute certificate local generate default-ssl-ca
Fortinet_CA_Untrusted:
Renew all SSL Key Certificates:
execute certificate local generate default-ssl-key-certs
Fortinet_SSL:
execute certificate local generate default-ssl-serv-key
To renew the built-in certificates on FortiProxy on v7.0 and above, refer to the commands below.
Fortinet_CA_SSL:
execute vpn certificate local generate default-ssl-ca
Fortinet_CA_Untrusted:
execute vpn certificate local generate default-ssl-ca-untrusted
Renew all SSL Key Certificates:
execute vpn certificate local generate default-ssl-key-certs
Fortinet_SSL:
execute vpn certificate local generate default-ssl-serv-key
Fortinet_GUI_Server:
execute vpn certificate local generate default-gui-mgmt-cert
Note: Only the built-in certificates can be renewed using the commands above. Externally imported certificates will need to be renewed manually. |