Description |
This article describes when users are not able to log onto FortiSOAR instances using correct credentials.
|
Scope | FortiSOAR. |
Solution |
To resolve this issue, run the following command as a root user (via 'sudo su' and using the csadmin password) using a SSH session:
curl -s https://update.cybersponse.com/downloads/scripts/generate-root-certificate.sh | bash /dev/stdin
mkdir -p /home/csadmin/temp
cd /home/csadmin/temp openssl genrsa -out cs.loc.root.key 2048 openssl req -x509 -sha256 -new -nodes -key cs.loc.root.key -days 365 -out cs.loc.root.crt -subj "/C=US/ST=California/L=Sunnyvale/O=Fortinet/OU=FortiSOAR/CN=fortisoar.localhost" yes | mv cs.loc.root.key /etc/pki/cyops/ yes | mv cs.loc.root.crt /etc/pki/ca-trust/source/anchors chattr -i /etc/cyops-release cp /etc/cyops-release /etc/cyops-release.bkp sed -e "s/,secure-message-exchange//g" -i /etc/cyops-release sed -e "s/,forticloud-secure-message-exchange//g" -i /etc/cyops-release csadm certs --generate `hostname` cp /etc/cyops-release.bkp /etc/cyops-release chattr +i /etc/cyops-release rm -f /etc/cyops-release.bkp csadm services --restart Note.
Replace the values of 'O' and 'OU' with the organization's values.
Important.
In the case of FortiSOAR Cloud deployment, once the CA root cert is updated, update the embedded certs using the following command:
csadm secure-message-exchange update-exchange-event-listener-certs
Once the above command is run, it is necessary to update the certificates in the embedded SME using the FortiSOAR GUI:
|
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.