Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
ikome
New Contributor

Forticlient prompting for cert at logon

Hi All,

We are deploying FC via Intune. We have gotten it to work with Autopilot and show up at login.

However, everytime I attempt to login the cert box pops up to specify a cert but there are no certs listed to choose from.

We went away with the whole cert thing in FC and instead do host checker option. Not sure why the cert box is even popping up.

My only guess if it's a machine cert of sorts it's looking?

Anyone else run into this issue and solved it? Or a workaround?

https://omegle.onl/ vshare
2 REPLIES 2
ebilcari
Staff
Staff

As soon as the FCT is connected to an EMS, a certificate is automatically generated from EMS CA and pushed to the end host. If you check under managed endpoints the FCT ID will be the certificate that you can find in end host, User Certificates > Personal > Certificates

emsi.png

 

Can you check if the certificate is enrolled on this host?

- Emirjon
If you have found a solution, please like and accept it to make it easily accessible for others.
Dhruvin_patel

Hello ikome,

 

I'm assuming that the forticlient is not managed through EMS. You are directly connecting to Fortigate to create an sslvpn tunnel.

 

In this case, It shows the certificate popup, if you are using the fortigate factory certificate. The reason is that the FortiGate factory certificate is a self-signed certificate and the client cannot verify the server certificate (in this case FortiGate certificate as Fortigate is acting as a server). If you would like to resolve the warning, please purchase and import the signed SSL certificate, it was shown in this document: https://docs.fortinet.com/document/fortigate/6.2.3/cookbook/825073/purchase-and-import-a-signed-ssl-...

 

Best Regards,

Labels
Top Kudoed Authors