Description |
This article describes how to verify by OpenSSL if the format of the certificate is correct when getting an error message like the below in certificate import:
Incorrect certificate file format for CA/LOCAL/CRL/REMOTE cert |
Scope | FortiGate. |
Solution |
If the error 'Incorrect certificate file format for CA/LOCAL/CRL/REMOTE cert' was reported, the OpenSSL tool can be used to verify if the certificate itself has a format error.
For example:
C:\openssl-3.0.0\openssl-3\x64\bin>openssl x509 -in cert_fortigate_test.crt -text -noout Could not read certificate from cert_fortigate_test.crt Unable to load certificate
In this case, it was found that the certificate had a format error itself and needed to be corrected first before importing it to FortiGate again. |