Description | This article describes a scenario when GUI Access no longer works after a software upgrade to v7.2.11/v7.4.8/v7.6.1. |
Scope | FortiGate GUI Access. |
Solution |
Starting from v7.2.11/v7.4.8/v7.6.1, FortiGate supports OpenSSL 3.4.0 and it requires a minimum RSA key of 2048 bits.
This change came after OpenSSL 3.2.0 changed the default security level to 2, which means that it required a minimum RSA of 2048 bits.
The user can check the RSA keys of the certificate by running the command :
openssl x509 -in name_of_certificate.cer -text -noout
Further information is available in this github readme.
To address the issue, either use the default cert as seen below or use a new cert that meets the minimum requirement:
config system global |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2025 Fortinet, Inc. All Rights Reserved.