FortiGate
lmassip
Staff
Article Id 393344
Description: This article describes an issue where a valid local certificate does not appear as an option when configuring a Virtual Server on FortiGate.
Scope: FortiGate.
Solution

For a local certificate to be selectable under Policy & Objects -> Virtual Servers, the certificate must include the TLS Web Server Authentication value in the Extended Key Usage field.

To verify:

  1. Go to System -> Certificates.
  2. Select the certificate and review the details.
  3. Ensure that the Extended Key Usage includes: TLS Web Server Authentication.

If this value is missing, FortiGate will not recognize the certificate as valid for Virtual Server usage.

Resolution:
Request a new certificate from the Certificate Authority (CA), ensuring that the CSR (Certificate Signing Request) includes the Extended Key Usage extension with the TLS Web Server Authentication value.
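
The following OpenSSL shell functions are an added example, not part of the original article or of any Fortinet tooling. They create a CSR that requests the serverAuth EKU and check whether a CSR or an issued certificate carries it. The hostname, the file names and the self-signing stand-in for a CA are constructed for the demo. `openssl x509 -req` does not copy CSR extensions by default, which behaves like a CA that ignores the request, so the issued certificate should be checked as well as the CSR.

```shell
#!/bin/sh
# Added example; hostname and file names are constructed. Needs OpenSSL 1.1.1+ (-addext).
EKU_LABEL='TLS Web Server Authentication'  # OpenSSL's display name for serverAuth

# make_csr <common-name> <key-out> <csr-out>: new key plus CSR requesting serverAuth
make_csr() {
    openssl req -new -newkey rsa:2048 -nodes -keyout "$2" -out "$3" \
        -subj "/CN=$1" -addext "extendedKeyUsage=serverAuth" 2>/dev/null
}

# csr_has_server_auth <csr>: exit 0 if the request asks for serverAuth
csr_has_server_auth() {
    openssl req -in "$1" -noout -text 2>/dev/null | grep -q "$EKU_LABEL"
}

# cert_has_server_auth <cert>: exit 0 if the issued certificate carries serverAuth
cert_has_server_auth() {
    openssl x509 -in "$1" -noout -text 2>/dev/null | grep -q "$EKU_LABEL"
}

# issue_test_cert <csr> <key> <cert-out> [extfile]: constructed stand-in for a CA.
# Self-signs the CSR; extensions come only from extfile, never from the CSR.
issue_test_cert() {
    if [ -n "$4" ]; then
        openssl x509 -req -in "$1" -signkey "$2" -out "$3" -days 1 -extfile "$4" 2>/dev/null
    else
        openssl x509 -req -in "$1" -signkey "$2" -out "$3" -days 1 2>/dev/null
    fi
}

# Demo on throwaway data: same CSR, issued without and with the EKU.
demo() {
    d=$(mktemp -d) || return 1
    make_csr vs.example.test "$d/vs.key" "$d/vs.csr" || return 1
    csr_has_server_auth "$d/vs.csr" && echo "CSR requests serverAuth"
    issue_test_cert "$d/vs.csr" "$d/vs.key" "$d/no-eku.pem"
    printf 'extendedKeyUsage=serverAuth\n' > "$d/eku.cnf"
    issue_test_cert "$d/vs.csr" "$d/vs.key" "$d/with-eku.pem" "$d/eku.cnf"
    for f in "$d/no-eku.pem" "$d/with-eku.pem"; do
        if cert_has_server_auth "$f"; then
            echo "${f##*/}: serverAuth present"
        else
            echo "${f##*/}: serverAuth missing"
        fi
    done
    rm -rf "$d"
}
demo
```

To check a certificate received from the CA before importing it, call `cert_has_server_auth` on the PEM file.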


Related article:

Technical Tip: Configure a virtual server