Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
ppatel
Staff
Staff

Created on ‎10-13-2021 01:55 AM Edited on ‎03-10-2025 11:25 AM By Moderator

Article Id 189786

Technical Tip: How to import the CA certificate for full SSL inspection

Description

 

This article describes how to import the CA certificate that can be used to for full SSL inspection.


Solution

 
In order to import the CA certificate for full SSL inspection, import it with the private key and perform the certificate upload based on the file format: 
 
  • If there is a private key in the same file as the certificate, upload it via the following route: 
 
System -> Certificates -> Import -> Local Certificate -> PKCS#12

Note: If a new CA certificate is purchased, and exported from a third party unzip the folder and it has two files.  
File with Local certificate would be imported using the above path. However, other CRT files which is CA cert need to be imported by following the path 
 
 System -> Certificates -> Import -> CA Certificate -> File  
 
  • If there is the private key in a separate file as the certificate, upload it as: 
System -> Certificates -> Import -> Local Certificate -> Certificate.
 
Note:
Older FortiOS systems have the 'Certificates' section hidden from GUI, enable it first via the System -> Feature Visibility section.

 

Related article:

Technical Tip: Installing Private CA for Deep inspection

Labels:
24216
0 Kudos
Suggest New Article
Article Feedback
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.