DescriptionThis article concerns the issue of an Android device accessing to a website that being protected by FortiGate web filter with SSL Full Inspection. Android users will get an error prompt of “Untrusted security certificate".
This is a known behaviour with FortiGate CA certificate on Android devices where it is not able to locate the intermediate CA and will show an error message.
ScopeFortiGate and Android devices.
SolutionDownload the FortiGate CA from the Web Based Manager (GUI)
1.1) Go to System > Certificates > Local Certificates.
1.2) Select Fortinet_CA_SSLProxy (this applies to another certificate that needs to be used for SSL inspection).
1.3) Click on Download.
1.4) Save the file Fortinet_CA_SSLProxy.cer (or any other related CA file if another certificate needs to be used).
Add certificate to device credentials
To complete the install, the certificate must be added to the device's security credentials.
2.1) Navigate to Settings > Security.
Select "Install from phone storage" to get the certificate file from the downloads folder of the device.
Select "install from phone storage" to find the recently downloaded certificate.
2.2) Locate the downloaded certificate file.
First, select "Internal storage" from the list of locations in the "Open from" window. Navigate to the "Download" folder and select the certificate .cer file.
2.3) Open from "Internal storage", and select the "Download" folder.
The certificate is now successfully downloaded onto the Android device.