Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
tienj
New Contributor

FortiSIEM Collector self-signed certificate has expired

Hi,

 

We are running FortiSIEM v5.2.1 with a Collector connected to it. The Collector self-signed SSL Certificate had expired. How do we renew the self-signed certificate for the Collector? I cannot find any forums/documentations how to remediate this issue. 

2 REPLIES 2
Anonymous
Not applicable

Hello @tienj , 

 

Thank you for using the Community Forum. I will seek to get you an answer or help. We will reply to this thread with an update as soon as possible. 

 

Thanks, 

 Fortinet Community Team 

premchanderr
Staff
Staff

Hi @tienj ,

 

If you have a custom certificate then you need to renew the cert which can be then replaced in the httpd.conf file.

 

Also you need CA cert if it'signed by a CA. You need to replace these certs in SIEM and change the httpd

 

Edit /etc/httpd/conf.d/ssl.conf file and make sure these parameters are configured with your certificate and private key filename.
- SSLCertificateFile /etc/httpd/conf.d/fsiem.crt <<<<<<<<<<<< path where you have put the cert in FSM
- SSLCertificateKeyFile /etc/httpd/conf.d/fsiem.key <<<<<<<<< Path where you have put CA cert key

# Restart Apache.

service httpd restart

 

Note: Take a snapshot of VM before doing any changes, so that you can revert in case of issue.

 

Related Link:
https://community.fortinet.com/t5/FortiSIEM/Technical-Tip-How-to-apply-a-self-signed-or-certificate/...

 

Regards,

Prem Chander R

Regards,
Prem Chander R
Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors