Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
nguyenbakhanh
New Contributor

FIX WIN 7: this site's security certificate is not trusted

[style="vertical-align: inherit;"][style="vertical-align: inherit;"]FIX WIN 7: this site's security certificate is not trusted: [link]https://youtu.be/0e42USqE-CM[/link][/style][/style]

4 REPLIES 4
nnair
Staff
Staff

Thank you for the post.
The update that you have shared is not clear, based on the title please check the below link:
https://community.fortinet.com/t5/FortiGate/Technical-Tip-Untrusted-certificate-warning-in-FortiGate...

rosatechnocrat
Contributor II

Potential causes could be : 

1> You are using a deep certificate inspection policy ( SSL-SSH Profile) without a proper certificate. 

2> You are presenting your Fortigate certificate to the user, which might not be trusted in the client as the Root CA is not trusted or Fortigate has a self-signed certificate. 

 

Solution : Try removing the SSL profile or all UTM features from a particular policy and test the behavior. 

Rosa Technocrat -- Also on YouTube---Please do Subscribe
Rosa Technocrat -- Also on YouTube---Please do Subscribe
rosatechnocrat
Contributor II

You might would like to visit below link if you want to get more details on certificate and SSL Profile. 

 

https://docs.fortinet.com/document/fortigate/5.4.0/cookbook/329138/preventing-certificate-warnings

Rosa Technocrat -- Also on YouTube---Please do Subscribe
Rosa Technocrat -- Also on YouTube---Please do Subscribe
rtichkule
Staff
Staff

An error message stating "This site's security certificate is not trusted" may indicate that your FortiGate firewall does not recognize or trust the security certificate for the website you are trying to access.


This error message could appear for a number of different reasons. The security certificate for the website may have expired or been issued by a Certificate Authority (CA) that is not recognised by your firewall. It's also conceivable that your firewall is preventing the SSL/TLS connection to the website for another reason.

 

If the padlock is visible in your web browser's address bar, you can accomplish verification by clicking on it to view the certificate's details. Verify the certificate's expiration date and that a reputable CA issued it.

 

You might need to modify your SSL/TLS inspection settings to enable the connection if your firewall is preventing the SSL/TLS connection to the website. For instructions on how to do this, consult the below documentation for your firewall.

SSL Inspection | FortiGate / FortiOS 6.2.5 (fortinet.com)

Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors