FortiSwitch: secure, simple and scalable Ethernet solutions
Article Id 193088
This article describes how to generate a CSR and to map the new certificate to Standalone Fortiswitch from GUI.

In Fortiswitch, importing new SSL certificate and using it for the GUI or 802.1x authentication is possible.

- Go to System -> Config -> SSL.
- Choose the respective certificate for GUI/dot1x.

By default, four different certificates are already present.

Refer page 57 of below guide for more details:

In addition, a new CSR can be created by navigating to System -> Certificate -> Local -> Generate.

Once the CSR is downloaded, get it signed by trusted CA to get the server cert.
After generating the CSR and purchasing the new cert, it can be imported to the Fortiswitch by navigating to System -> Ceritificate -> Local.

The imported new certificate can be mapped to the GUI as explained in th first step .                                                      
Also below is the CLI command to map the certificate in the FortiSwitch:
# config system global
    set admin-server-cert {self-sign | Entrust_802.1x | Fortinet_Factory | Fortinet_ Factory2 | Fortinet_Firmware}