Hello everybody,
I'm struggling with deep packet inspection. My scope is not to use the FORTINET_CA_SSL certificate. But there is one thing I don't understand:
only the certificates under the "Local CA Certificates"section can be used? Can't I use the certificates under the "Remote CA Certificates" section? If not, what kind of certificates can be added to the Local CA Certificates section?
It's not deeply clear to me the difference between the two sections.
Thank you for your help!
Solved! Go to Solution.
FORTINET_CA_SSL has a field in it which is CA:True. To achieve this, you will need to configure your own Certificate CA Server. You can use Windows Server CA or FortiAuthenticator to achieve this. You will then have to import the root or intermediate certificates generated by the CA into Fortigate.
Refer here on how to import the CA certificate properly such that you are able to use it for deep-inspection purposes: https://community.fortinet.com/t5/FortiGate/Technical-Tip-How-to-import-the-CA-certificate-for-full-...
Public CA like digicert etc will never provide their CA certificate where CA:True.
Hope you will get a idea from below:
First, answers for your questions:
FORTINET_CA_SSL has a field in it which is CA:True. To achieve this, you will need to configure your own Certificate CA Server. You can use Windows Server CA or FortiAuthenticator to achieve this. You will then have to import the root or intermediate certificates generated by the CA into Fortigate.
Refer here on how to import the CA certificate properly such that you are able to use it for deep-inspection purposes: https://community.fortinet.com/t5/FortiGate/Technical-Tip-How-to-import-the-CA-certificate-for-full-...
Public CA like digicert etc will never provide their CA certificate where CA:True.
Hope you will get a idea from below:
First, answers for your questions:
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1737 | |
1107 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.