Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
JianWu
Staff
Staff

Created on ‎02-23-2025 11:39 PM Edited on ‎02-25-2025 07:19 AM By Moderator

Article Id 378466

Technical Tip: FortiGate GUI Access stopped working after upgrade to v7.2.11/v7.4.8/v7.6.1

Description This article describes a scenario when GUI Access no longer works after a software upgrade to v7.2.11/v7.4.8/v7.6.1.
Scope FortiGate GUI Access.
Solution

Starting from v7.2.11/v7.4.8/v7.6.1, FortiGate supports OpenSSL 3.4.0 and it requires a minimum RSA key of 2048 bits.
Any certificates using an RSA key of less than 2048 bits are no longer supported, if such a cert is used, GUI access will stop working after the upgrade.

 

This change came after OpenSSL 3.2.0 changed the default security level to 2, which means that it required a minimum RSA of 2048 bits.

 

The user can check the RSA keys of the certificate by running the command :

 

    openssl x509 -in name_of_certificate.cer -text -noout

 

Further information is available in this github readme.

 

To address the issue, either use the default cert as seen below or use a new cert that meets the minimum requirement:

 

config system global
    set admin-server-cert "Fortinet_GUI_Server"
end
1403
0 Kudos
Suggest New Article
Article Feedback
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.