Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
yz
New Contributor

Best Practice dealing with 3rd party certificates to allow SSL connection

Hi ,

 

I'm not familiar with Fortinet at all. 

 

I would like to understand what is the best practice when we need to enable a connection 

to a site like Github and such .

Since the certificate copy  produced by Fortinet replacing the original Github  certificate isn't valid 

by the client and we get a SSL error.

 

So how do we deal with such a situation ? i.e allowing SSL connection to Github ( as an example ).

 

I would be much obliged if you could answer me as to a completely noob.

Thanks

 

 

1 Solution
kcheng
Staff
Staff

Hi,

 

I believe you are using deep inspection where the certificate is replaced with FortiGate certificate. In that case, you will need to import the FortiGate certificate into client's machine and configure it as trusted CA. Kindly refer to the following document:

Cookbook | FortiGate / FortiOS 6.2.0 | Fortinet Documentation Library

 

Cheers,
Kayzie Cheng

If you have found a solution, please like and accept it to make it easily accessible for others.

View solution in original post

1 REPLY 1
kcheng
Staff
Staff

Hi,

 

I believe you are using deep inspection where the certificate is replaced with FortiGate certificate. In that case, you will need to import the FortiGate certificate into client's machine and configure it as trusted CA. Kindly refer to the following document:

Cookbook | FortiGate / FortiOS 6.2.0 | Fortinet Documentation Library

 

Cheers,
Kayzie Cheng

If you have found a solution, please like and accept it to make it easily accessible for others.
Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors