Description | This article describes how to resolve the 'API error 60' message, which prevents pushing configuration from FortiGate to a managed FortiSwitch. |
Scope |
FortiGate version 7.x and managed FortiSwitch version 7.x. |
Solution |
After importing a local certificate on the FortiSwitch, the following sync error may appear on the FortiGate: execute switch-controller get-sync-status all Due to the error, the config does not get pushed from FortiGate to the managed FortiSwitch.
Follow these steps to rectify the error:
FortiGate-60F # execute vpn certificate ca import tftp /temp/zzzz/zzzzrootCA.crt <tftp ip address>
show switch-controller system
execute system certificate local import tftp <file-name> <tftp_ip>
For example:
execute system certificate local import tftp temp/xxxx/xxxx074.p12 10.105.129.1 p12 fortinet123
Show the certificate: show system certificate local edit "xxxx074" set password ENC wuPp7AGYkncE2QblJ6pjdyed1MfVG+dVhJ6sy9aDP+B50ykGwPsa5R7DcKrd6b2SfhidSZg1vN9NLlssOHthDyCWAfzpx6MNRo9j8ojJY0FsU1kTk/r/71KGva5RldCZODJBII5FtN5pvJhj8znzythf8XX8O/UwWzbGEDJ+H4uOUnfE next end set https-server-cert "xxxx074" end
|
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.