Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
pradeepb
Staff
Staff

Created on ‎05-20-2020 09:05 AM Edited on ‎04-09-2025 09:24 PM By Community Manager

Article Id 192766

Technical Tip: How to import an SSL certificate as a local certificate

Description


This article explains how to import an SSL certificate as a local certificate on FortiGate.

Solution

 

  1. If the Certificate Signing Request (CSR) was generated on FortiGate, follow the steps below to import the certificate in .CER format. The Private key is generated on the FortiGate itself as part of the CSR process.

 

By default, the certificate option is not visible under System -> Certificates, before performing these steps the feature may need to be made visible by selecting Feature Visibility -> Additional features -> Enable Certificates.

 

v7.0.1 & Earlier versions:
Import the certificate in System -> Certificates -> Import -> Local Certificate -> Local Certificate.

 

v7.0.2 & Later versions:
Import the certificate in System -> Certificates -> Create/Import -> Certificate -> Import Certificate -> Local certificate.

 

  1. If the Certificate Signing Request (CSR) was generated on an external server, choose the most appropriate option from the following two ways to import the Certificate:
  1. If the Certificate and private key are bundled in a single PKCS#12 (also referred to as .PFX) file format, follow the instructions below.
    This certificate will be encrypted and a password must be supplied with the certificate file.

 

v7.0.1 & Earlier versions:
Import the certificate in System -> Certificates -> Import -> Local Certificate -> PKCS#12 certificate.

 

v7.0.2 & Later versions:
Import the certificate in System -> Certificates -> Create/Import -> Certificate -> Import Certificate -> PKCS#12 certificate.

 

  1. If the Certificate (.CER/.DER Format) and Private Key (.PEM format) are separate, follow these instructions:

 

v7.0.1 & Earlier versions:
Import the certificate in System -> Certificates -> Import -> Local Certificate -> Certificate.

 

v7.0.2 & Later versions:
Import the certificate in System -> Certificates -> Create/Import -> Certificate -> Import Certificate -> Certificate.

 

Certificate file -> .CER 
Key File -> .PEM
Password -> Enter the Password.

 

The password is required to upload the certificate's private key.

 

Related documents:

Import a certificate - FortiGate administration guide

Uploading a certificate using the GUI - FortiGate administration guide

Technical Tip: How to update a local certificate installed on a FortiGate unit without generating a ...

Technical Tip: How to import a new local certificate after renewing the existing local certificate w... 

82793
Suggest New Article
Article Feedback
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.