Carlos_A_Almeida
New Member
June 23, 2016
Question

SSL VPN with user certificate (and wildcard too).


Hi guys,

I'm facing a problem here. I'm really stuck with this.

Our Fortigate (60D) is working perfectly with FortiOS version 5.4.1. We're using SSL VPN with a wildcard certificate issued by COMODO, and all is OK. This is the good side of the story.

The bad side of it is that now I have to generate individual user certificates for each user that is using our SSL VPN connection.

I found this cookbook article: http://cookbook.fortinet.com/ssl-vpn-with-certificate-authentication/

OK, I followed it: the wildcard certificate is there, the CA certificate is there, but I didn't know how to correctly generate user certificates using openssl (or another app).

Can someone help me with this?

Thank you (sorry about language mistakes).

Carlos

    1 reply

    emnoc
    New Member
    June 23, 2016

    Why do you need to sign individual certs? If you have a wildcard it should be anything to the right of the *. Can you explain what you want to use for a user-cert?

    Carlos_A_Almeida
    New Member
    June 23, 2016

    Hello Emnoc, how are you?

    It's because we want to add a second factor of authentication, like OpenVPN does, for example. Of course, we could use FortiToken to do this, but it would be expensive. With individual certificates, like in that cookbook article in the original post, we will sign our users' connections with the CA cert installed on the Fortigate.

    Did I make this clear? If not, let me know.

    Thank you and best regards.
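
The step asked about in this thread, issuing per-user client certificates with openssl, as an added example that is not part of the original posts or of the Fortinet cookbook. It assumes a private CA created for this purpose (its `ca.crt` is the CA certificate the firewall would trust for user authentication), because a publicly issued wildcard server certificate is not a CA and cannot sign user certificates. The CA name, the user `jsmith`, the file names and the password are constructed placeholders.

```shell
#!/bin/sh
# Added example. Every name, file and password below is a constructed placeholder.
set -eu

make_ca() {  # $1 = working directory; creates ca.cnf, ca.key, ca.crt
  cat > "$1/ca.cnf" <<'EOF'
[req]
distinguished_name = dn
x509_extensions = v3_ca
prompt = no
[dn]
O = Example Corp
CN = Example VPN User CA
[v3_ca]
basicConstraints = critical,CA:TRUE,pathlen:0
keyUsage = critical,keyCertSign,cRLSign
subjectKeyIdentifier = hash
EOF
  # -nodes keeps the demo non-interactive; protect a real CA key with a passphrase.
  openssl req -x509 -config "$1/ca.cnf" -newkey rsa:3072 -sha256 -days 1825 \
    -nodes -keyout "$1/ca.key" -out "$1/ca.crt" 2>/dev/null
}

issue_user_cert() {  # $1 = working directory, $2 = user name (becomes the CN)
  # Client-only profile: not a CA, usable for TLS client authentication only.
  printf '%s\n' 'basicConstraints=critical,CA:FALSE' \
    'keyUsage=critical,digitalSignature' 'extendedKeyUsage=clientAuth' \
    'subjectKeyIdentifier=hash' 'authorityKeyIdentifier=keyid' > "$1/user.ext"
  openssl req -new -config "$1/ca.cnf" -newkey rsa:2048 -nodes \
    -subj "/O=Example Corp/CN=$2" -keyout "$1/$2.key" -out "$1/$2.csr" 2>/dev/null
  openssl x509 -req -in "$1/$2.csr" -CA "$1/ca.crt" -CAkey "$1/ca.key" \
    -CAcreateserial -sha256 -days 365 -extfile "$1/user.ext" \
    -out "$1/$2.crt" 2>/dev/null
  # Bundle key + cert + CA for import on the user's device; the password is
  # read from the environment so it does not appear in the process list.
  openssl pkcs12 -export -inkey "$1/$2.key" -in "$1/$2.crt" \
    -certfile "$1/ca.crt" -name "$2" -passout env:P12_PASS -out "$1/$2.p12"
}

check_user_cert() {  # succeeds only if the cert chains to the CA as a TLS client cert
  openssl verify -purpose sslclient -CAfile "$1/ca.crt" "$1/$2.crt" >/dev/null
}

WORK=$(mktemp -d)
P12_PASS='constructed-demo-password'; export P12_PASS
make_ca "$WORK"
issue_user_cert "$WORK" jsmith
check_user_cert "$WORK" jsmith && echo "jsmith.crt verifies against ca.crt in $WORK"
```

Only `ca.crt` needs to leave the CA host for the trust side; `ca.key` stays where it was generated, and each user receives only their own `.p12` bundle.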