Help
FortiADC
FortiADC enhances the scalability, performance, and security of your applications whether they are hosted on premises or in the cloud.
Deepak_Girimaji_FTNT
Staff
Staff

Created on ‎07-22-2025 03:37 AM Edited on ‎07-28-2025 05:13 AM By Moderator

Article Id 402633

Technical Tip: Removal of default local certificates on FortiADC

Description

 

This article outlines that the deletion of the default local certificate on a FortiADC system is not permitted.

 

Scope

 

FortiADC.

 

Solution

 

All FortiADC platforms are provisioned with the following default certificates as explained below:

 

 

The default certificates cannot be deleted, even if they are not referenced by any configuration object. Deletion attempt via CLI will result in the error mentioned below:

(local) # delete Factory
Command fail. Return code is -42 (This entry is reserved by the system. It cannot be deleted.)

 

This is an expected behavior and should not be a cause for concern. If replacing the default self-signed local certificate is required, it is sufficient to update the relevant configuration to reference the newly imported certificate.

 

Related document:
Manage certificates - FortiADC 7.4.7 handbook

58
0 Kudos
Suggest New Article
Article Feedback
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.