Technical Tip: How to configure FortiClient to use...

FortiClient

FortiClient proactively defends against advanced attacks. Its tight integration with the Security Fabric enables policy-based automation to contain threats and control outbreaks. FortiClient is compatible with Fabric-Ready partners to further strengthen enterprises’ security posture.

Article Id 191545

Description

This article explains how to configure FortiClient to use FortiToken 300 for certificate authentication.

Scope

FortiClient.

Solution

Certificates installed on FortiToken-300 are the same as with local certificate for VPN in FortiClient.

The certificate itself has to have the 'Microsoft Smartcardlogin' extendedKeyUsage property, so that it is possible to import it to the token and MS Windows will consider the certificate as placed on SmartCard storage.

If these certificates are made on FortiAuthenticator, then during creation check the box "Use certificate for Smart Card logon" on the bottom of the "Create New User Certificate" page.

When the certificate has 'Microsoft Smartcardlogin', it will be visible in the Windows Certificate Store.

As initial checking, it will be good the Certificates installed on FTK300 to be checked on Windows Certificate Store.

If the certificate is visible in the Windows Certificate Store, it should be visible in FortiClient.

FortiToken docs:
https://docs.fortinet.com/product/fortitoken/5.0

FortiClient docs:
https://docs.fortinet.com/product/forticlient/6.2

3964

Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Technical Tip: How to configure FortiClient to use FortiToken 300 for certificate authentication

You are leaving our website