Skip to main content
TomWhi
TomWhi
New Member
April 18, 2018
Solved

Certificates of HTTPS management page

  • April 18, 2018
  • 3 replies
  • 28415 views

Hi,

 

I am struggling to find documentation on how to add an internal certificate to the FortiGate HTTPS management page. Every google search returns how to avoid MIM/Webfiltering. 

 

I would like to secure my FortiGate admin logon page with a certificate issued by a Windows PKI server so that the logon page doesn't error when we logon to it. 

 

Any advice or articles to do this would be appreciated! 

 

Tom 

    Best answer by Markus

    Hi Tom You can also import cert & key directly. Goto System --> Certificates --> Import --> Local Certificate choose Certificate from the dropdown. In System --> Settings choose the imported certificate in Administration Settings Best, Markus

     

    3 replies

    emnoc
    emnoc
    New Member
    April 18, 2018

    Simple, bundle the  cert+key in  pfx format & import it  from the WebGUI. Various OSversions has had problems with this btw.

     

    Now, within  the global config ; " you set that  cert for admin  interface"


     config system global
       set admin-server-cert youcertnamethatyouimport
     end

     

     

    You do not need to reboot the appliance for the certificate to be used

     

    Ken

     

    Markus
    MarkusAnswer
    New Member
    April 19, 2018

    Hi Tom You can also import cert & key directly. Goto System --> Certificates --> Import --> Local Certificate choose Certificate from the dropdown. In System --> Settings choose the imported certificate in Administration Settings Best, Markus

     

    TomWhi
    TomWhiAuthor
    New Member
    April 20, 2018

    Thank you both very much for your advice! I will give that a try :)

    ropeguru
    ropeguru
    New Member
    April 21, 2018

    Can you just not go into the certificates section and import a local certificate of type "certificate" and provide the key file and cert?

     

    I know this is available in 5.4.x, 5.6.x, and 6.0

    TomWhi
    TomWhiAuthor
    New Member
    April 23, 2018

    Thanks everyone - it was as simple as you all said. I was struggling because I wasn't selecting "local certificates" because I didn't realise the term also included "for remote" so I just ignored that option. 

     

    I imported my cert and enabled it on the management page. Works a treat! 

    Terms & ConditionsAccessibility statement