Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
LeadTogether
New Contributor II

Created on ‎02-05-2025 08:56 AM

MacOS 15 login screen pop-up from FortiClientAgent: "You are making changes to your Certificate Trus

On MacOS 15 (FortiClient version 7.2.6), at the MacOS login screen a message appears prompting for credentials.  The message states:

 

FortiClientAgent

You are making changes to your Certificate Trust Settings.

Enter the name and password of a user in the "(null)" group to allow this.

 

No matter what credentials are entered, it won't accept them.

 

I've opened a case with support, to no avail so far.

They referred me to this article (for an older version of FortiClient), and I added all the services it mentions that need full disk access and checked the other settings:

https://docs.fortinet.com/document/forticlient/7.0.9/macos-release-notes/223986

 

I would investigate downgrading to see if that helps, but we want to be on the latest release so that we are up-to-date on security patches.

 

Does anyone have any suggestions?

 

Thanks in advance for any advice.

Labels:
4099
0 Kudos
1 Solution
LeadTogether
New Contributor II

Created on ‎02-19-2025 04:38 AM

FortiNet support took a look at it and eventually determined that this is a bug in version 7.2.6 and 7.2.8.

View solution in original post

3772
0 Kudos
8 REPLIES 8
MZBZ
Staff
Staff

Created on ‎02-08-2025 11:07 AM

Please verify the output of  systemextensionsctl list 

https://docs.fortinet.com/document/forticlient/7.2.8/macos-release-notes/223986/special-notices

 

M. B.
4021
LeadTogether
New Contributor II
In response to MZBZ

Created on ‎02-10-2025 05:42 AM

Thanks for the suggestion.

 

The output of "systemextensionsctl list" matches the article.

 

Screenshot 2025-02-10 at 8.14.30 AM.png

3971
0 Kudos
LeadTogether
New Contributor II

Created on ‎02-12-2025 10:47 AM

I uninstall 7.2.6 and installed the latest 7.2.x version (7.2.8) and also minimized the features installed (in EMS) to just remote access and vulnerability scanning.  No change.

 

The problem only appears at the login screen.

 

If I uninstall the FortiClient, the same prompt appears but with a valid user ID and it works to put the password in.  It also works OK when installing FortiClient.  (The prompt appears within a minute after installing.)

What appears to be happening is that the FortiClientAgent is running at startup, before a user logs-in, and for whatever reason it is trying to modify a certificate store.  MacOS requires credentials for that, but since no one is logged-in, it prompts for "null" credentials, which don't work.

This appears to be a bug.  I haven't seen anything in the 7.2.x release notes about it though.

3940
0 Kudos
LeadTogether
New Contributor II

Created on ‎02-12-2025 10:54 AM

To clarify, this is what the dialog looks like.  No matter what credentials are entered, they are not accepted.

2025-02-12 13_53_34-Service Request Detail - 4024019_ FortiClientAgent pop-up log....jpg

 

3937
0 Kudos
LeadTogether
New Contributor II

Created on ‎02-12-2025 11:19 AM

And something else I discovered: The prompt will appear at the login screen even after logging out of MacOS, not just upon restarting the system.

3933
0 Kudos
MZBZ
Staff
Staff

Created on ‎02-18-2025 01:06 PM

Try a fresh reinstall: FortiClient blank console on Mac - Fortinet Community

M. B.
3794
LeadTogether
New Contributor II

Created on ‎02-19-2025 04:38 AM

FortiNet support took a look at it and eventually determined that this is a bug in version 7.2.6 and 7.2.8.

3773
0 Kudos
LeadTogether
New Contributor II

Created on ‎04-16-2025 07:57 AM

I tested the 7.2.9 FortiClient for Mac release and confirmed that the problem is fixed.

2880
0 Kudos
Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.