[deep-scanning] Import Firefox root-CA list

Hello,

I try to export all firefox root-ca for import to the Fortigate Unit.

Do you have any idea for the best solution ?

The goal is activate this option for control if the CA Certificate is signed by trusted CA.

config firewall ssl-ssh-profile
edit deep-inspection
config https
set allow-invalid-server-cert disable
set ssl-ca-list enable
end
end

Thank you for your help.

New Member

I found the perl script mk-ca-bundle that I adapted for Fortigate.

Usage : ./mk-ca-bundle.pl -v -d release -p ALL:ALL

Sign up