FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
Article Id 278379

This article describes how to export root CA certificate from Active Directory or CA server and then import it into FortiGate.

Scope FortiGate.
  1. Login to Active Directory Server and launch the Certificate Authority application by holding the Windows button + R then type certsrv.msc
  2. 'Right-click' on the CA and select Properties.




  1. Under General, select View Certificate to display the certificate.



  1. Then under Detail, select Copy to File to start the exporting wizard process.




  1. Follow the wizard process to complete the exporting, and select DER Encoded binary X.509 (.cer) format.
  2. Select browse, choose the save location for the certificate, and press next to complete the exporting process.


Once done with the exporting process, log to FortiGate and browse to System -> Certificates then select Create/Import -> CA Certificate


Select File, select Upload, and select the previously exported certificate.




 Select OK to import, it will show under the Remote CA Certificate section as CA_CERT_1.