Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
ssriswadpong
Staff
Staff

Created on ‎12-13-2021 04:58 PM

Article Id 200884

Technical Tip: Getting the warning "Invalid Certificate detected, Are you sure you want to Continue?" while connecting SSL VPN Tunnel mode (FortiClient) with SAML authentication

 

Description

This article describes the warning "Invalid Certificate detected, Are you sure you want to Continue?" even you have changed the SSL VPN certificate or installed an SSL VPN server certificate on the client.
Scope

FortiGate 6.4 and 7.0

FortiClient 6.4 and 7.0
Solution ssriswadpong_0-1639331618047.png

 


If you get the warning as per the above image after entering your credential, this is a warning from the Azure SAML part. If you are connecting SSL VPN by FQDN (fully qualified domain name), you have to change from public IP address to FQDN in

1. Under "config user saml"

#config user saml

#edit <name>

#set entity-id "https://<FQDN>:<Custom SSL VPN port>/remote/saml/metadata"

#set single-sign-on-url "https://<FQDN>:<Custom SSL VPN port>/remote/saml/login"

#set single-logout-url "https://<FQDN>:<Custom SSL VPN port>/remote/saml/logout"

#end

2. SAML attributes under Username Attributes & Claims in the Azure portal.

ssriswadpong_1-1639332800579.png

Change from IP address to FQDN here.

 

9861
0 Kudos
Suggest New Article
Article Feedback
Contributors
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.