Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
ChrisTan
Staff
Staff

Created on ‎06-15-2025 01:24 PM

Article Id 396168

Troubleshooting Tip: FortiGate HA in Azure stops working with client secret keys expired

Description This article describes how to fix the expired client keys for Azure FortiGate HA.
Scope FortiGate in Azure.
Solution

The Azure application client key may expire. If so, the FortiGate HA will not work, and FortiGate will be unable to communicate with the Azure portal.

 

From the FortiGate, the Azure Connector status is down.

 

2025-06-13_13h55_57.png

 

diag debug application azd -1

azure {"error":"invalid_client","error_description":"aadsts7000222: the provided client secret keys for app are expired.

 

This is because the Azure client secret default expiry time is six months.

 

2025-06-13_15h20_00.png

 

Every time the old client secret expires, a new client secret must be created to apply to the FortiGate.

 

2025-06-13_13h57_41.png

 

The FortiGate HA Azure Connector status will be up once the new secret value is applied.
100
0 Kudos
Suggest New Article
Article Feedback
Contributors
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.