FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
Article Id 189786



This article describes how to import the CA certificate that can be used to for full SSL inspection.


In order to import the CA certificate for full SSL inspection, import it with the private key and perform the certificate upload based on the file format: 
  • If there is a private key in the same file as the certificate,  upload it via: 
System -> Certificates -> Import -> Local Certificate -> PKCS#12
  • If there is the private key in a separate file as the certificate, upload it as: 
System -> Certificates -> Import -> Local Certificate -> Certificate.
Older FortiOS systems have the 'Certificates' section hidden from GUI, enable it first via System -> Feature Visibility section.


Related Articles:

Technical Tip: Installing Private CA for Deep inspection