ssl inspection strips intermediate certificate

Question

Hello,I combined my web server domain certificate with intermediate certificate[size="1"]-----BEGIN CERTIFICATE-----...-----END CERTIFICATE----------BEGIN CERTIFICATE-----...-----END CERTIFICATE-----[/size]to have full certification path. ssllabs.com gives website A rating.Then I uploaded combined certificate to FortiGate 300E (v6.0.2 build0163 (GA)) System>Certificates>Import>Local CA> Certificate.I created SSL inspection profile with that combined certificate (Protecting SSL Server, HTTPS 443) and applied this profile to my web server IPv4 Policy SSL inspection.Now ssllabs.com gives rating B, because certificate chain is incomplete (intermediate certificate is missing). I downloaded certificate from FortiGate and confirmed that intermediate certificate was striped.Any advice how to keep intermediate certificate when doing ssl inspection with FortiGate?

John125478 · Answer

SOLUTION:separately import the intermediate certificate, make sure that intermediate CA is under the External CA certificates.https://kb.fortinet.com/k...ateId=1%200%2057588943

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded