Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
wm999
New Contributor

How to purchase SSL certificate just for the Fortigate 30E to use for an SSL VPN tunnel?

Hello all,

 

I bought a Fortigate 30E solely for the purpose of setting up a VPN tunnel to my residential home office for use while I'm traveling overseas because I'll need access to gmail, etc. while in Asia (and I don't want to use a VPN subscription service such as NordVPN for accessing sensitive business accounts). 

 

I was initially going to try using a Let's Encrypt SSL certificate but another member of this forum told me that the Fortigate 30E doesn't support that. So it's not clear to me how I can obtain an SSL certificate that will work with the Fortigate 30E VPN tunnel. 

 

How can I do this, any ideas? If I just tried to buy an SSL certificate for a dormant domain that I own through Google Domains, that wouldn't work, would it? Because I think the certificate has to be specifically associated to the Fortigate somehow when it's first created?

1 REPLY 1
Antoine
New Contributor II

You can certainly upload a full certificate along with its private key (which has to be in PKCS#12 format, also known as .pfx) to the FortiGate. So if you can extract your dormant-domain certificate to PKCS#12 format and it matches the hostname (as seen from the internet) of your router, you could use it.

Top Kudoed Authors