FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
aishaqui
New Contributor III
Article Id 243068
Description

This article describes the steps for manually importing a public CA certificate bundle into FortiGate.

 

This can be needed in cases where for some reason some CA certificates or the whole bundle is removed from FortiGate or if the customer wants to manually downgrade or upgrade the CA certificate bundle.

Scope

All FortiGate models and supported firmware.

Solution

Prerequisites:

 

1) TFTP server.

 

2) CA certificate bundle package. It is needed to contact Fortinet support to get the CA certificate bundle package.

 

The below command is used to import the CA certificate bundle from FortiGate CLI:

 

# execute vpn certificate ca import bundle <CA bundle filename> <TFTP server IP>

 

aishaqui_0-1673964514677.png