GiannisChari
Staff
Article Id 342435
Description This article explains why an imported certificate with its corresponding private key does not appear in the Service Provider certificate drop-down list under the Single Sign-On settings. This does not concern the Identity Provider (IdP) certificate (the one imported from Azure, for example).
Scope FortiGate.
Solution

This happens because the Service Provider certificate key type must be RSA:

[Screenshot: Certificate.png]

Only then does the certificate appear in the drop-down list in the SSO settings:

[Screenshot: Service_provider_certificate.png]

However, when the certificate key type is ECDSA:

[Screenshot: Cert1.png]

It will not appear in the drop-down list:

[Screenshot: List22.png]

Certificates generated with certbot commonly run into this issue because certbot uses ECDSA instead of RSA by default. If using certbot, make sure to use this switch:

--key-type rsa
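
A pre-import check for the RSA requirement described above, as an added example that is not part of the original article or Fortinet code: it reads the certificate's public-key algorithm with `openssl x509` and reports whether the key type is RSA. The function names and the placeholder subject `sp.example.test` are assumptions, and the sample certificates are constructed on the fly for the demonstration.

```shell
#!/usr/bin/env bash
# Added example (not Fortinet code): classify a PEM certificate's public-key
# algorithm before importing it as a SAML service provider certificate.

# cert_key_type FILE -> prints RSA, ECDSA or OTHER(<alg>); returns 2 if unreadable.
cert_key_type() {
    local alg
    alg=$(openssl x509 -in "$1" -noout -text 2>/dev/null |
          sed -n 's/^ *Public Key Algorithm: *//p' | head -n 1)
    case "$alg" in
        rsaEncryption)  echo "RSA" ;;
        id-ecPublicKey) echo "ECDSA" ;;
        "")             return 2 ;;
        *)              echo "OTHER($alg)" ;;
    esac
}

# usable_as_sp_cert FILE -> succeeds only for RSA, the key type the article requires.
usable_as_sp_cert() {
    [ "$(cert_key_type "$1")" = "RSA" ]
}

# make_sample_cert rsa|ecdsa DIR -> writes a constructed, self-signed test
# certificate (the CN is a placeholder) and prints its path.
make_sample_cert() {
    local kind=$1 dir=$2
    local key="$dir/$kind.key" crt="$dir/$kind.crt"
    if [ "$kind" = "rsa" ]; then
        openssl genrsa -out "$key" 2048 2>/dev/null
    else
        openssl ecparam -name prime256v1 -genkey -noout -out "$key" 2>/dev/null
    fi
    openssl req -x509 -new -key "$key" -subj "/CN=sp.example.test" \
        -days 1 -out "$crt" 2>/dev/null
    echo "$crt"
}

# With file arguments, check each one; with none, run on constructed samples.
if [ $# -eq 0 ]; then
    demo_tmp=$(mktemp -d)
    trap 'rm -rf "$demo_tmp"' EXIT
    set -- "$(make_sample_cert rsa "$demo_tmp")" "$(make_sample_cert ecdsa "$demo_tmp")"
fi
for f in "$@"; do
    if usable_as_sp_cert "$f"; then
        echo "$f: RSA, selectable as SP certificate"
    else
        echo "$f: $(cert_key_type "$f" || echo unreadable), not selectable"
    fi
done
```

Pass one or more PEM certificate paths as arguments to check real files, for example the certificate certbot issued, before importing them into the FortiGate.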