FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
Article Id 268395
Description This article describes when the FortiGate is not accessible from GUI and in the putty access, it shows high CPU Utilization.
Scope FortiGate.

When the firewall is accessible from the SSH via putty but not through the GUI, a check in PuTTY may reveal that the httpsd daemon is consuming high resources, causing the issue.

The httpsd daemon is necessary for the HTTPS server for the GUI access of the FortiGate to present the user interface in the browser.

When attempting to gain the GUI access of the firewall after the TCP handshake, the SSL handshake triggers with the certificate configured in 'admin-server-cert' in the global setting.

If the httpsd is consuming high resources and the GUI is not accessible, take the HTTPS to debug and observe the error as shown in the below picture.

diagnose debug application httpsd -1
diagnose debug enable




If the error matches the above screenshot, check the admin-server-cert in the settings:


config sys global
    set admin-server-cert <>


If no admin-server was called, configure the admin certificate as Fortinet_Factory. After making these changes, the CPU utilization will lower to normal and the FortiGate GUI will become accessible.