FortiSOAR Knowledge Base
FortiSOAR: Security Orchestration and Response software provides innovative case management, automation, and orchestration. It pulls together all of an organization's tools, helps unify operations, and reduce alert fatigue, context switching, and the mean time to respond to incidents.
nmathur
Staff
Staff
Article Id 206587
Description

This article describes when users are not able to log onto FortiSOAR instances using correct credentials.


In such a case,  the 'Signature Verification Failed' error in the das.log will be visible.

Scope FortiSOAR.
Solution

To resolve this issue, run the following command as a root user (via 'sudo su' and using the csadmin password) using a SSH session:

 


In the case of Air gapped environments, or if the above command does not solve the issue, run the following commands as a root user using an SSH session:

 

mkdir -p /home/csadmin/temp
cd /home/csadmin/temp
openssl genrsa -out cs.loc.root.key 2048
openssl req -x509 -sha256 -new -nodes -key cs.loc.root.key -days 365 -out cs.loc.root.crt -subj "/C=US/ST=California/L=Sunnyvale/O=Fortinet/OU=FortiSOAR/CN=fortisoar.localhost"
yes | mv cs.loc.root.key /etc/pki/cyops/
yes | mv cs.loc.root.crt /etc/pki/ca-trust/source/anchors
chattr -i /etc/cyops-release
cp /etc/cyops-release /etc/cyops-release.bkp
sed -e "s/,secure-message-exchange//g" -i /etc/cyops-release
sed -e "s/,forticloud-secure-message-exchange//g" -i /etc/cyops-release
csadm certs --generate `hostname`
cp /etc/cyops-release.bkp /etc/cyops-release
chattr +i /etc/cyops-release
rm -f /etc/cyops-release.bkp
csadm services --restart
 
Note.
Replace the values of 'O' and 'OU' with the organization's values.
 
Important.
In the case of FortiSOAR Cloud deployment, once the CA root cert is updated, update the embedded certs using the following command:
 
csadm secure-message-exchange update-exchange-event-listener-certs
 
Once the above command is run, it is necessary to update the certificates in the embedded SME using the FortiSOAR GUI:

nmathur_0-1647846152667.png

 

Contributors