Description |
This article describes the situations when FortiGate for EMS says: Server certificate and configured certificate are mismatched. |
Scope | FortiGate connected. |
Solution |
Verify an existing / renewed EMS Server Certificate Some errors can occur:
1) From the browser connected to EMS, export the certificate (actually exporting the public certificate).
2) Import as a remote certificate on the FortiGate as a Remote Certificate.
3) Change the trusted certificate in the config by CLI.
Steps to follow:
1) From the browser connected to EMS, export the certificate (actually exporting the Public certificate).
Save as: 'Base64-encoded ASCII, single certificate (*.pem;*.crt)'.
2) Import the remote certificate on FortiGate as a Remote: System -> Certificates -> Import -> Remote Certificate.
3) CertificateChange the trusted cert in the config by CLI:
# config endpoint-control fctems edit <ems_name> set certificate <New Imported Remote Certificate> next end
Related documents: 6.4.0 - Configuring other Security Fabric devices - FortiClient EMS 7.2.3 - Configuring other Security Fabric devices - FortiClient EMS |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.