I was following the guide to setup WiFi authentication using Azure and SAML IdP from the Fortinet community here
The authentication does work, but it gives a certificate error when connecting. If you trust the cert the authentication goes through and works. The below error message is seen when using the Fortinet Factory cert.
The following error is observed when using a CA cert from Let's Encrypt.
The intended use is for this network to be used for personal cell phones of company employees. So I do not want employees to have download or trust anything on their devices when connecting to the network.
If it is not possible to avoid the cert trust error please let me know. Otherwise below is what I have tried to get it to work.
The documentation mentions using a CA certificate and redirecting the auth portal page. However, whenever I redirect the portal it breaks the authentication. I have tired adding the redirection in both the GUI and CLI and various certs, neither works.
Based on the error it seems that the cert error is occurring because the authentication request is coming from the internal IP of the subnet and not the FQDN of the cert. However as mentioned anytime I redirect the portal page it breaks the authentication. (Yes, I updated the Azure App and Fortinet URL's to reflect the redirected address, but it still broke the authentication).
I am still pretty new to certs and stuff so I am probably missing something and help is appreciated.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.