FortiAnalyzer
FortiAnalyzer can receive logs and Windows host events directly from endpoints connected to EMS, and you can use FortiAnalyzer to analyze the logs and run reports.
mdeparisse_FTNT

Description
This article describes how to generate a web server certificate for the FortiManager or FortiAnalyzer using Windows PKI. This article covers how to set a server certificate installed on the FortiManager/FortiAnalyzer so that trusting connection can occur.

Solution

Generate a CSR toward the Certificate Authority as follows:
 
 
 
Click Download to get the CSR.
 
 
 
 
Extract the CSR and export it to the CS Certificate Authority.
 
 
 
Connect to the Certificate Authority.
 
 
Select Request a Certificate and advance certificate request.
 
Copy and paste the CSR request and use Web Server as Certificate Template as follows:
 
 
 
Download the certificate.
 
 
 
Download the generated certificate on the FortiManager or FortiAnalyzer.
 
 
 
The status of the certificate is now OK, as follows:
 
 
 
 
It is possible to install the root CA on the management station so that the Web Server can be validated.
 
To download the CA certificate, navigate to the certsrv and click on "Download a CA certificate" and then "Download CA certificate".
 
 
 
Then use the imported Certificate in your FMG or FAZ:
config system admin setting
set admin_server_cert "FMG-Cert"
end
 
Once completed, import it in the CA repository.
 
 
 

 

Contributors