Im trying to sign a CSR generated by a Fortigate FW. Unfortunately the signed certificate does not show as an option in the SSL inspection profile. Does anyone knows the how to sign the CSR with OpenSSL/Linux?
In order to use a certificate for SSL inspection profile (whether it is certificate inspection/deep inspection), the respective certificate has to be a sub-CA certificate. This means that the certificate will need to have the Basic Constraints stating CA:TRUE. Some references that you can find in our community explain the respective: