FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
ppatel
Staff
Staff
Article Id 189786

Description

 

This article describes how to import the CA certificate that can be used to for full SSL inspection.


Solution

 
In order to import the CA certificate for full SSL inspection, import it with the private key and perform the certificate upload based on the file format: 
 
  • If there is a private key in the same file as the certificate, upload it via the following route: 
 
System -> Certificates -> Import -> Local Certificate -> PKCS#12

Note: If a new CA certificate is purchased, and exported from a third party unzip the folder and it has two files.  
File with Local certificate would be imported using the above path. However, other CRT files which is CA cert need to be imported by following the path 
 
 System -> Certificates -> Import -> CA Certificate -> File  
 
  • If there is the private key in a separate file as the certificate, upload it as: 
System -> Certificates -> Import -> Local Certificate -> Certificate.
 
Note:
Older FortiOS systems have the 'Certificates' section hidden from GUI, enable it first via the System -> Feature Visibility section.

 

Related article:

Technical Tip: Installing Private CA for Deep inspection