Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
NeerajSofat1
New Contributor

Forticlient login page issue

Hi all,

We are facing the Forti-Client authentication login page issue by our all the users.

We are using 800D UTM having v7.4.3 build2573 version.

Error is ERR_CERT_AUTHOURITY_INVALID and we checked on event Viewer log & found error : The Certificate received from the remote server was issued by an untrusted certificate authority. Because of this, none of the data contained in the certificate can be validated. The TLS Connection request has failed.

Attached URL action also not worked:

https://community.fortinet.com/t5/FortiGate/Technical-Tip-GUI-Untrusted-HTTPS-server-certificate/ta-...

 

Help please
Help please
6 REPLIES 6
Toshi_Esumi
SuperUser
SuperUser

Is this SSL VPN? Do you happen to be using "Fortinet_Factory" default cert for SSL VPN? And, recently upgraded the FGT to v7.4.3, which caused this symptom to start for all users?

 

If all "yes", the default cert might have gotten broken during the last upgrade. Try creating a new one if that's the case and change the cert to that one for SSL VPN.

Toshi

NeerajSofat1
New Contributor

Hi Toshi_Esumi, thank you for your reply but, -

It is not SSL VPN, it is local login ids are created. We have not upgraded version recently, earlier everything was fine. We are using Fortinet_GUI_Server certificate.

Help please
Help please
Tomviv
New Contributor

Did you manage to resolve this? I have a similar issue in that our Chromebook users no longer get prompted with the fortigate login screen, instead a NET::ERR_CERT_AUTHORITY_INVALID message.

NeerajSofat

No, we are still facing the same issue.

Tomviv

I have had two-hour remote sessions with Fortinet tech support, and I still haven't received a resolution. I will post back here with any updates.

NeerajSofat1
New Contributor

Fortinet team recommended my below changes for solution:

 

config user setting

set auth-cert Fortinet_Factory

set auth-ca-cert Fortinet_CA_SSL

set auth-secure-http enable

end

Download the **Fortinet_CA_SSL** certificate and install it on the endpoint under **Trusted Root Certification Authorities**.

Help please
Help please
Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors