FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
mtse
Staff
Staff
Article Id 334598
Description

This article describes how to verify by OpenSSL if the format of the certificate is correct when getting an error message like the below in certificate import:

 

Incorrect certificate file format for CA/LOCAL/CRL/REMOTE cert

Scope FortiGate.
Solution

If the error 'Incorrect certificate file format for CA/LOCAL/CRL/REMOTE cert' was reported, the OpenSSL tool can be used to verify if the certificate itself has a format error.

 

mtse_0-1724135460973.png

 

For example:

 

C:\openssl-3.0.0\openssl-3\x64\bin>openssl x509 -in cert_fortigate_test.crt -text -noout

Could not read certificate from cert_fortigate_test.crt

Unable to load certificate

 

In this case, it was found that the certificate had a format error itself and needed to be corrected first before importing it to FortiGate again.

 

Contributors