Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
miguel1423
New Contributor

Inspection SSL Untrusted CA

Hello,

 

We have the deep inspection activated for the outcoming connexion. Microsoft has changed their certificat for the hostname europe.cp.wd.microsoft.com resently with an another CA and now I get the error "block-cert-untrusted" from the UTM.

 

So I think to resolve this issue I have to import manually the new chain for this CA in the fortigate ? where can I get the CA list that the fortigate already know ? Does the CA list are automatiquely updated from fortiguard ? 

 

Before I was on checkpoin and I had to import manually the CA cert.

 

Thank you for your answer

Regards,

 

 

Regards,

 

 

1 Solution
3 REPLIES 3
miguel1423
New Contributor

Hello @chauhans 

Thank you I forgot to check that on the SSL profile, Thank you for your reply 

Have a nice day

 

Regards,

smayank
Staff
Staff

Hello 

 

Certificate list is updated by fortiguard. As this is a recent changes you might need to upload root CA.

Please run 

# diag debug application update -1
# diag debug enable
# exec update-now
Thanks & Regards
Mayank Sharma

Top Kudoed Authors