Hello Everyone,
This is probably a common issue, but it's kind of urgent.
I configured a CSR from Fortigate to purchase an SSL Certificate.
All good so far, i managed to install the certificate. But i want to use it in other servers, so i need the private key.
Throught CLI, i found the private key but it's encrypted. the commande "unset password" doesnt work apparently in the 5.4 FortiOS.
What are my options ? can i export the certificate/key in another Fortigate (4.0 ?) and try to unset the password ? any other solution ?
Thank's
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
yes you will need to create a cert bundle as you cannot import a key into a FGT :)
And yes private and public key as well as the certificate itself are encrypted and that's what they should be.
You might need to know the password if you want to use the private key if it is password encrypted.
And this is the only caveat here too! Private/public key and cert encryption is not Fortinet-specific. This is defined by ssl. But the encryption of you stored password is! So you might need to put the FGT you want to import that to to the same firmware version as you other one is band then upgrade follwoing upgrade path if neccessary. This is because Fortinet (prolly several times) made changes in the password encryption algorithms.
--
"It is a mistake to think you can solve any major problems just with potatoes." - Douglas Adams
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1733 | |
1106 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.