FortiGate
Quint021
Staff
Article Id: 370931
Description: This article describes the unexpected behavior that occurs when logging into FortiGate from FortiGate Cloud's Remote Access functionality or using FortiCloud SSO login after upgrading to v7.0.17, v7.2.11, and v7.4.6.
Scope: FortiGate-Cloud, v7.0.17, v7.2.11, v7.4.6.
Solution

PKI Admin login failed issue.

  1. Either log in to the FortiGate Cloud page and select Remote Access for the particular device, which redirects to FortiGate's GUI login portal, or log in to FortiGate via the default page, select the Sign in with FortiCloud option, and use the FortiCloud login.
  2. Log in to the FortiGate.
  3. Navigate to System Event Logs, where the following logs are observed:


[Screenshot: event logs generated]

Details of the logs:


date=2025-01-09 time=15:24:50 eventtime=1736454289671228202 tz="-0500" logid="0100032001" type="event" subtype="system" level="information" vd="root" logdesc="Admin login successful" sn="1736454289" user="admin" ui="https(169.254.1.1)" method="https" srcip=169.254.1.1 dstip=169.254.65.28 action="login" status="success" reason="none" profile="super_admin" msg="Administrator admin logged in successfully from https(169.254.1.1)"
date=2025-01-09 time=15:24:40 eventtime=1736454280376600940 tz="-0500" logid="0100032002" type="event" subtype="system" level="alert" vd="root" logdesc="Admin login failed" sn="0" user="(PKI admin)" ui="https(169.254.1.1)" method="https" srcip=169.254.1.1 dstip=169.254.65.28 action="login" status="failed" reason="no_valid_certificate" msg="Administrator (PKI admin) login failed from https(169.254.1.1) because of no valid user certificate provided"
 

The logs show an 'Admin login failed' event for user '(PKI admin)'. This issue does not impact usability, but it generates a failed login event that is not expected.

 

This 'no_valid_certificate' event log issue is set to be resolved in v7.4.9 and v7.6.4.

 

Certificate Issue.

The same behavior has been observed in another instance, this time with a PKI login attempt from a legitimate IP. Legitimate IP in this context refers to the actual admin login.

 

The following shows a certificate selection prompt. Ignoring this will allow the login. However, there will be a log entry generated as well:

 

[Screenshot: certificate selection prompt]

 

date=2025-02-19 time=13:19:48 devname="FGt123" devid="FG6xxxxxxxxx" eventtime=1739942388236850438 tz="+0800" logid="0100032002" type="event" subtype="system" level="alert" vd="root" logdesc="Admin login failed" sn="0" user="(PKI admin)" ui="https(10.1.2.3)" method="https" srcip=10.1.2.3 dstip=10.1.22.3 action="login" status="failed" reason="no_valid_certificate" msg="Administrator (PKI admin) login failed from https(10.1.2.3) because of no valid user certificate provided"

 

The certificate issue generates the same event log shown in the first issue above and matches Engineering ID 1109633, which is fixed in v7.4.8 and v7.6.3.

 

The fix is mentioned in the FortiOS 7.4.8 release notes and the FortiOS 7.6.3 release notes.
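For triage of both cases above, the following added example (not part of the original article and not Fortinet code) parses event log lines in this format and reports, for each 'no_valid_certificate' failure for '(PKI admin)', whether a successful admin login from the same source IP followed shortly after. The 60-second window, the function names and the verdict labels are assumptions; the sample lines are abridged copies of the article's logs.

```python
import re

# Matches key=value pairs; values may be double-quoted and contain spaces.
KV = re.compile(r'(\w+)=(?:"([^"]*)"|(\S+))')

# Abridged copies of the log lines shown in the article (only the fields used here).
SAMPLE = [
    'eventtime=1736454289671228202 logid="0100032001" user="admin" '
    'srcip=169.254.1.1 action="login" status="success" reason="none"',
    'eventtime=1736454280376600940 logid="0100032002" user="(PKI admin)" '
    'srcip=169.254.1.1 action="login" status="failed" reason="no_valid_certificate"',
    'eventtime=1739942388236850438 logid="0100032002" user="(PKI admin)" '
    'srcip=10.1.2.3 action="login" status="failed" reason="no_valid_certificate"',
]

def parse(line):
    """Turn one key=value event log line into a dict of strings."""
    return {k: quoted or bare for k, quoted, bare in KV.findall(line)}

def is_pki_cert_failure(e):
    """True for the 'Admin login failed' event described in the article."""
    return (e.get("logid") == "0100032002"
            and e.get("user") == "(PKI admin)"
            and e.get("reason") == "no_valid_certificate")

def classify(lines, window_s=60):
    """Return (srcip, verdict) for each PKI admin certificate failure.

    window_s is an assumed correlation window, not a vendor value.
    eventtime is treated as nanoseconds since the epoch, as in the samples.
    """
    events = [e for e in map(parse, lines) if "eventtime" in e]
    events.sort(key=lambda e: int(e["eventtime"]))
    out = []
    for i, e in enumerate(events):
        if not is_pki_cert_failure(e):
            continue
        start = int(e["eventtime"])
        followed = any(
            s.get("logid") == "0100032001" and s.get("status") == "success"
            and s.get("srcip") == e.get("srcip")
            and int(s["eventtime"]) - start <= window_s * 10**9
            for s in events[i + 1:])
        out.append((e.get("srcip"),
                    "followed_by_success" if followed else "no_success_seen"))
    return out

if __name__ == "__main__":
    for srcip, verdict in classify(SAMPLE):
        print(srcip, verdict)
```

The second sample is reported as no_success_seen only because the article shows no matching success line for it; on a full log export, failures with that verdict are the ones to check against who was connecting from that address.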