FortiADC SSL Imprt

heretolearn · ‎04-15-2025

In the process of renewing SSL certs, this is the first time doing ADC, staff that built is no longer here.

I created the CSR via the local servers IIS, cert was created with DigiCert and uploaded to the same IIS.

I then exported the .pfx from this server getting the following errors when trying to import into ADC.

type: PKCS12 Certificate it fails with the following error 'Failed to store the private key'

I then used open ssl to get .crt and .key and attempted the following:

type: Certificate. and applied the .crt and .key files but get the following error: 'The imported local certificate is invalid.'

Not sure what I'm doing wrong here, any help will be greatly appreciated.

Thank you

Jean-Philippe_P · ‎04-17-2025

Hello heretolearn,

Thank you for using the Community Forum. I will seek to get you an answer or help. We will reply to this thread with an update as soon as possible.

Thanks,

Jean-Philippe - Fortinet Community Team

Jean-Philippe_P · ‎04-22-2025

Hello,

We are still looking for an answer to your question.

We will come back to you ASAP.

Thanks,

Jean-Philippe - Fortinet Community Team

ebilcari · ‎04-22-2025

Have you managed to solve this issue yet? When it comes to certificates, they practically never work on the first try :). Both formats you have tried are supported by FortiADC. Make sure that the private key is exportable while exporting the .pfx file from IIS. Which firmware version is this setup running?

- Emirjon
If you have found a solution, please like and accept it to make it easily accessible for others.

heretolearn · ‎04-22-2025

We are on 7.4.4, we plan on updating soon to 7.4.7.

I have confirmed the key is exported from IIS.

I have also just tried to create the CSR via ADC itself, but get a 'import is not as expected' or "Failed to store the Privat Key"

FortiADC SSL Imprt

Nominate a Forum Post for Knowledge Article Creation

You are leaving our website