Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
lvfranz78
New Contributor

Fortigate doesn't send certificate chain

I notice that fortigate doesn't send certificate chain for vpnssl portal neither for authentication portal.

I have try to reimport pfx certificate being safe that contain full chain.

I have checked also other fortigate and none of them send the chain causing error on certificate validation

Checked on FortiOS 6.2 and 7.2

3 REPLIES 3
ozkanaltas
Valued Contributor III

Hello @lvfranz78 ,

 

Can you try to install the intermediate certificate to FortiGate? After installation, FortiGate will link these certificates automatically.

 

https://community.fortinet.com/t5/FortiGate/Technical-Tip-Importing-the-intermediate-CA-certificate-...

If you have found a solution, please like and accept it to make it easily accessible to others.
NSE 4-5-6-7 OT Sec - ENT FW
If you have found a solution, please like and accept it to make it easily accessible to others.NSE 4-5-6-7 OT Sec - ENT FW
lvfranz78

Intermediate are just present. If I try to import, Fortigate told me that are duplicated.

ozkanaltas
Valued Contributor III

Hello @lvfranz78 ,

 

Could you have uploaded an intermediate certificate that is not compatible with your certificate?

 

From here, you can see which certificates FortiGate is sending when you test your SSL-VPN portal.

 

https://www.ssllabs.com/ssltest/

If you have found a solution, please like and accept it to make it easily accessible to others.
NSE 4-5-6-7 OT Sec - ENT FW
If you have found a solution, please like and accept it to make it easily accessible to others.NSE 4-5-6-7 OT Sec - ENT FW
Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors