Hi, Please confirm my queries on below, 1. Will Fortinet_CA_SSLProxy Certificate value (HASH or Thumbprint) change if we restore the configuration which is taken from the another box? 2. If the Firmware Upgrade will change the HASH or Thumbprint on the existing Fortinet_CA_SSLProxy? 3. Is it possible to import the Fortinet_CA_SSL_Proxy certificate from Box A to Box B and make the imported certificate as default Certificate for certificate inspection?
The quick response is much helpful.
Thanks, Ramesh
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Very interesting question and I would like to know too, because we need to replace the Fortinet_CA_SSLProxy certificate on one of our 200D witch is having an SHA1 hash. We can't use this certificate anymore without getting warnings already from Chrome and 2017 all browsers will deny it.
So does Fortinet has any plan to upgrade the local CA certificates or can we import a new one?
Yes, you can move Fortinet_CA_SSLProxy Certificate with configure restore.
The Fortinet_CA_SSLProxy Certificate is an CA certificate (include private key) saved under Local certificate site. When backup setting, it include Private key/Certificate in config setting, so you may move it with config setting, upgrade firmware will not change it. You may copy/paste "Fortinet_CA_SSLProxy" part setting in config file to move it.
If download "Fortinet_CA_SSLProxy" from GUI, it only include certificate without private key, it would not works if import to another FGT.Thanks.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1679 | |
1085 | |
752 | |
446 | |
226 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.