Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
New Contributor III

IPS to protect the server without importing Fortinet_SSL certificate to Client

Hi Team,

We are setting up IPS protection for the server hosted in our Data center which is behind the Fortigate. For efficient IPS functionality, I would like to use the deep SSL inspection..With the deep SSL inspection, I understand that FG uses its own local certificate for encrypting/encrypting the traffic and hence we need the FG certificate imported to Client browser. We have users across the regions who will be connecting to the server hosted in our DC so asking the clients to import the FG Certificate will not be feasible solution..Is it possible to use public CA certificate as local certificate (which obviously will be already in trusted certificate) but the certificate provided by Client is not getting installed as Local CA certificate. 


Have anyone setup this setup without the need of importing certificate? I would appreciate if you can provide your experience on the same..


Thanks, Sandeep Jha

Top Kudoed Authors