This article describes how to import a server certificate, including the full CA chain, in FortiPortal.
FortiPortal.
openssl s_client -showcerts -connect <FortiPortalAddress>:443
Optional:
If the issuing authority has provided the server certificate and private key as a password-protected PKCS#12 file, use openssl to export them as separate files with no password (both commands will prompt for the PKCS#12 file password)
openssl pkcs12 -in <YourPKCS12File>.p12 -out <OutputKeyFilePEM>.key -nodes -nocerts
Enter Import Password:
openssl pkcs12 -in <YourPKCS12File>.p12 -out <OutputCertificateFilePEM>.crt -nokey
Enter Import Password:
The usage of the '-nodes' flag in the key export command is necessary to export the private key without setting a new password.
When done, import the two output files using the respective file selectors in the FortiPortal GUI, as described in the steps above.
If the private key is provided by the issuer as a separate encrypted file, use the following OpenSSL command to decrypt the key before importing it in FortiPortal (enter the key password when prompted):
openssl rsa -in <YourEncrypted>.key -out <YourDecrypted>.key
Enter pass phrase for <YourEncrypted>.key:
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.