Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
New Contributor

How to add remote server certificate to the Forticlient VPN 7.2 trusted store on Ubuntu 22.04?



I get a remote server certificate validation error when connecting to our VPN provider. I checked their certificate with, and it seems to be valid and issued by the GoDaddy


I linked Ubuntu's certificate storage as suggested in but to no luck, as you can see on the screenshot below. 




This is with #forticlient vpn on Ubuntu 22.04


Any tips are appreciated! 



Maybe try to add the intermediate CA certificate "Go Daddy Secure Certificate Authority - G2" info your Fortigate as it does not seem to be included in the FortiGuard bundle.


If that alone does not work, you can try to create a symlink to your system trust store. More details at


Hey @bpozdena_FTNT 


We are not using FortiGate - just FortiClient VPN to connect with our service provider.


I followed the steps in the article above, and as you can see on the screenshot

`.fctsslvpn_trustca`   is linked to the `/etc/ssl/certs`.


That article is from 2017. Does that solution still apply to the FortiClient VPN 7.2.2?


I was trying to say that the Fortigate is not configured correctly. You can use OpenSSL client to validate that the SSLVPN server does not send the full trust chain.


openssl s_client -connect




1)Ask your service provider to import the intermediate CA certificate "Go Daddy Secure Certificate Authority - G2" into the Fortigate.

2)Then restart the SSLVPN daemons on the Fortigate with:


fnsysctl killall sslvpnd



The change should be done during maintenance window as it will briefly disconnect all SSL VPN users.



Thank you, I'll check on that with them. 

Interestingly, windows client doesn't complain about the certificate. 


Top Kudoed Authors