This article shows the guide to apply local certificate in multiple scenarios for FortiManager and FortiAnalyzer.
FortiManager/FortiAnalyzer.
Users can import custom certificate as local certificate in FortiManager and FortiAnalyzer.
The local certificate can be applied in multiple scenarios and require configuration to apply the changes. In order to apply local certificate for scenario below, CA certificate have to be imported into FortiManager/FortiAnalyzer. Examples are provided below for each application:
Or configure from CLI:
config system admin
Set admin-server-cert <Local Certificate>
End
config system global
set fgfm-ca-cert <CA Certificate>
set fgfm-local-cert <Local Certificate>
end
Configure the following in FortiGate CLI:
# config system central-management
set ca-cert <CA Certificate>
set local-cert <Local Certificate>
end
config system certificate oftp
set mode local
set local <Local Certificate>
end
Configure the following in FortiGate CLI:
config log fortianalyzer setting
Set certificate <Local Certificate>
end
FortiManager Primary:
config system ha
Set local-cert <Local Certificate>
end
FortiManager Secondary:
config system ha
Set local-cert <Local Certificate>
end
Or configure from CLI:
config system syslog
Set reliable enable
Set secure connection enable
Set local-cert <Local Certificate>
end
config system mail
Set port 587
Set secure-option <smtps | starttls>
Set auth-type certificate
Set local-cert <Local Certificate>
end
Related articles:
Technical Tip: How to upload and set local certificate to be used in FortiManager/FortiAnalyzer
Technical Tip: Using an externally signed local certificate for OFTP connection
Technical Tip: How to import an SSL certificate as a local certificate
Technical Tip: How to configure FortiManager to use custom certificate for HA communication
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.