Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
admclayton
New Contributor

Loss of access to FortiEMS 7.4.4. WEB console after replacing the Certificate

After deploying FORTIEMS 7.4.4, the Webserver certificate was replaced via the GUI, under EMS Settings → Webserver Certificate, changing from FCTEMSXXXXXXXXXX.cert to fcems-server.cert.

After this change, access to the console was immediately lost. Even after restarting FORTIEMS, access could not be restored.

 

Would it be possible to:

 

  1. Restore the console to its default settings; or

  2. Revert/change the certificate again through the EMS CLI?

3 REPLIES 3
funkylicious
SuperUser
SuperUser

hi,

try in /etc/apache2 and search for the lines where the new certificate is preset and replace it with the old one which should be in /opt/forticlientems/data/certs , like:  /opt/forticlientems/data/certs/FCTEMS*.1.cert should be present in the config files.

then do a restart for apache / ems 


L.E. i've found it in 

/etc/apache2/sites-available/ems-webserver.conf
/etc/apache2/sites-available/ems-fileserver.conf
/etc/apache2/sites-enabled/ems-webserver.conf
/etc/apache2/sites-enabled/ems-fileserver.conf

 

a useful command to see logs, emscli service log --follow --all 

"jack of all trades, master of none"
"jack of all trades, master of none"
admclayton

Dear

 

This command is not available in the FortiEMS CLI terminal to access a directory or change files.
When applying the indicated commands, the following message appears:

Error: unknown command "cd" for "emscli"
Error: unknown command "cat" for "emscli"

 

image.png

 

 

funkylicious

oh, you are running a virtual appliace. dont think you have access to shell from it.

try instead, service enable-debug --all and service log --follow --all , these should give you some logs and see something about your issue.

"jack of all trades, master of none"
"jack of all trades, master of none"
Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors