Fortinet Community

Maerre · ‎04-27-2022

Hi Guys,

i need to delete an expired local certificate and upload a new one but the delete botton is grayed out and i've no access to CLI (i access directly to the public ip address), how can i replace it?

if i try to import the new one i'm promped this: "Certificate file is duplicated for CA/LOCAL/REMOTE/CRL cert."

hardware is FortiWiFi 60F Region-E

thanks

regards

vdralio · ‎04-27-2022

Hi @Maerre ,

This error usually appears when:

- Certificate is uploaded in the wrong category.
- Import a certificate without private key material.
- Upload the certificate which is already present.

Can you please delete the existing new certificate and create a new certificate with the private key in the pkcs#12 format then import the certificate:
System -> certificates -> import -> Local Certificate -> PKCS#12 Certificate.

https://community.fortinet.com/t5/FortiGate/Troubleshooting-Tip-Fixing-the-error-Certificate-file-is...

This is a way how to update without generating a new CSR
https://community.fortinet.com/t5/FortiGate/Technical-Tip-How-to-update-a-local-certificate-installe...
https://community.fortinet.com/t5/FortiGate/Technical-Tip-How-to-import-SSL-certificate-as-a-local/t...

Here you can verify and validate a certificate following the article below:
https://community.fortinet.com/t5/FortiGate/Technical-Tip-Verifying-and-validating-the-accuracy-of-a...

Best Regards,

Vasil

View solution in original post

vdralio · ‎04-27-2022

Dear Maerre,

Please check the articles below, you can find detailed information there:

https://community.fortinet.com/t5/FortiGate/Technical-Tip-Unable-to-remove-certificate-delete-button...

https://community.fortinet.com/t5/FortiAuthenticator/Technical-Tip-Unable-to-remove-revoked-certific...

You can always use in the GUI the CLI console:

https://community.fortinet.com/t5/FortiGate/Technical-Tip-How-to-open-the-CLI-window-in-GUI/ta-p/195...

Best Regards,

Vasil

Maerre · ‎04-27-2022

Hi @vdralio

thanks for the tip, i 've deleted the certificate but still have the same error when trying to import it:

"Certificate file is duplicated for CA/LOCAL/REMOTE/CRL cert."

vdralio · ‎04-27-2022

Hi @Maerre ,

This error usually appears when:

- Certificate is uploaded in the wrong category.
- Import a certificate without private key material.
- Upload the certificate which is already present.

Can you please delete the existing new certificate and create a new certificate with the private key in the pkcs#12 format then import the certificate:
System -> certificates -> import -> Local Certificate -> PKCS#12 Certificate.

https://community.fortinet.com/t5/FortiGate/Troubleshooting-Tip-Fixing-the-error-Certificate-file-is...

This is a way how to update without generating a new CSR
https://community.fortinet.com/t5/FortiGate/Technical-Tip-How-to-update-a-local-certificate-installe...
https://community.fortinet.com/t5/FortiGate/Technical-Tip-How-to-import-SSL-certificate-as-a-local/t...

Here you can verify and validate a certificate following the article below:
https://community.fortinet.com/t5/FortiGate/Technical-Tip-Verifying-and-validating-the-accuracy-of-a...

Best Regards,

Vasil