JNDias
Staff
Article Id 241174
Description

This article describes the situations in which FortiGate reports the following for EMS: 'Server certificate and configured certificate are mismatched'.

Scope

FortiGate connected.
Solution

Verify an existing / renewed EMS Server Certificate

Some errors can occur. To resolve them:

1) From the browser connected to EMS, export the certificate (this exports the public certificate).

2) Import it on the FortiGate as a Remote Certificate.

3) Change the trusted certificate in the configuration using the CLI.

Steps to follow:

1) From the browser connected to EMS, export the certificate (this exports the public certificate).

Save as: 'Base64-encoded ASCII, single certificate (*.pem;*.crt)'.

2) Import the certificate on the FortiGate as a Remote Certificate:

System -> Certificates -> Import -> Remote Certificate.

3) Change the trusted certificate in the configuration using the CLI:

# config endpoint-control fctems
    edit <ems_name>
        set certificate <New Imported Remote Certificate>
    next
end
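
A check that can be run from a workstation before step 2, as an added example that is not part of the original article: it compares the exported file with the certificate EMS currently presents, using the SHA-256 fingerprint of the DER bytes, and rejects a file that does not hold exactly one certificate. The function names are this example's own, the EMS host and port are supplied by the user (the article does not state them), and the two sample PEM strings are constructed stand-ins rather than real certificates.

```python
import hashlib
import re
import ssl
import sys

PEM_BLOCK = re.compile(
    r"-----BEGIN CERTIFICATE-----.+?-----END CERTIFICATE-----", re.DOTALL)

def der_certs(pem_text):
    """Decode every certificate block found in pem_text to DER bytes."""
    return [ssl.PEM_cert_to_DER_cert(b) for b in PEM_BLOCK.findall(pem_text)]

def sha256_fp(der):
    return hashlib.sha256(der).hexdigest()

def check_export(exported_pem, presented_pem):
    """Compare the file to be imported with the certificate EMS presents.

    Returns (verdict, exported_fp, presented_fp). DER bytes are compared, so
    CRLF line endings or extra newlines from the browser export do not matter.
    """
    exported = der_certs(exported_pem)
    presented = der_certs(presented_pem)
    if not presented:
        return ("no-server-certificate", None, None)
    if len(exported) != 1:
        # The article saves a single certificate; a chain or an empty file is wrong.
        return ("not-single-certificate", None, sha256_fp(presented[0]))
    fps = (sha256_fp(exported[0]), sha256_fp(presented[0]))
    return ("match" if fps[0] == fps[1] else "mismatch", *fps)

# Constructed stand-ins: arbitrary bytes wrapped as PEM, not real certificates.
OLD_PEM = ssl.DER_cert_to_PEM_cert(b"constructed stand-in: EMS cert before renewal")
NEW_PEM = ssl.DER_cert_to_PEM_cert(b"constructed stand-in: EMS cert after renewal")

if __name__ == "__main__":
    if len(sys.argv) == 4:  # usage: script.py exported.crt <ems_host> <port>
        with open(sys.argv[1]) as fh:
            exported = fh.read()
        # Fetches the server's certificate without validating it, since the
        # EMS certificate may be self-signed.
        presented = ssl.get_server_certificate((sys.argv[2], int(sys.argv[3])))
    else:  # offline demo: a stale export checked against a renewed certificate
        exported, presented = OLD_PEM, NEW_PEM
    print(*check_export(exported, presented))
```

A "mismatch" verdict means the exported file is not the certificate EMS is serving, so importing it and setting it in `config endpoint-control fctems` would leave the mismatch in place.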

 

Related documents:

6.4.0 - Configuring other Security Fabric devices - FortiClient EMS

7.2.3 - Configuring other Security Fabric devices - FortiClient EMS