FortiGate Certificate management (SSL VPN Azure AD SSO)

gunnim · ‎02-19-2023

I'm a new FortiGate user, following the Azure AD SSO documentation here

In the docs, Fortinet points to msft to explain the certificate upload.

However Msft docs have the following steps

Sign in to the management portal of your FortiGate appliance.
In the left pane, select System.
Under System, select Certificates.
Select Import > Remote Certificate.
Browse to the certificate downloaded from the FortiGate app deployment in the Azure tenant, select it, and then select OK.

My FortiGate 40F v7.2.3 however does not show that option.

In fact, I can't find certificate management anywhere in the GUI, except hidden inside setup wizards for other features..

I tried to do

config vpn certificate remote

And add the cert there, I managed to add it but

config user saml

edit "AzureSSO"

set cert <name of the cert>

gave me an error..

What am I missing?

amouawad · ‎02-19-2023

Check to see if it's been enabled in the GUI under System > Feature Visibility > Certificates

amouawad · ‎02-19-2023

Check to see if it's been enabled in the GUI under System > Feature Visibility > Certificates

gunnim · ‎02-20-2023

Thanks ! I can now manage certificates to some degree :)

And my other issue was that I was providing the wrong certificate at the wrong step

Nominate a Forum Post for Knowledge Article Creation