Helo all.
I have issue after reinstalling my computer to latest Windows 11. I've installed Forticlient 7.2.4.0972. I has two profiles that uses personal certificates and username an password. I has also two certificates with private kyes in Windows Key store in Presonal Certificates folder. When i try to connect to VPN in drop box i only see one certificate, even if i have installed two personal certifiactes. When i try to create new connection, i see both certificates, but after saving new connection i can't see one of the certificates in drop box again. I've tested this on two independent computers. My college also try to import my certificate on his computer (Windows 10 and older Forticlient version) and he see certifacate and is able to connect to VPN.
I appreciate any help.
Thank You
Solved! Go to Solution.
As @ebilcari suggested, I would suggest checking your xml file configuration. It appears you may be filtering the certificates or have another xml setting configured that is preventing them from being displayed. Specifically, I would inspect the 3 settings in your configuration file that I have marked with "XXXXX" below:
<forticlient_configuration>
<vpn>
<options>
<certs_require_keyspec>XXXXX</certs_require_keyspec>
</options>
<sslvpn>
<options>
<show_auth_cert_only>XXXXX</show_auth_cert_only>
</options>
<connections>
<connection>
<certificate>
XXXXX <-- This is where the settings to filter what certificates are shown in the client appear.
</certificate>
</connection>
</connections>
</sslvpn>
</vpn>
</forticlient_configuration>
Check these and report back.
Hello, kindly see the below kb for the certificate installation steps:
Created on 03-30-2024 12:28 PM Edited on 03-30-2024 12:31 PM
Hello, this is not my case
As you can see, i have certificates installed under current user and not under local computer certificates.
But under FortiClient i see only one certificate
Created on 07-25-2024 03:37 AM Edited on 07-25-2024 03:37 AM
Based on the FCT listing only one specific certificate out of many, it seems like it is specifically chosen from an XML file configuration.
I have 6 private certificates in total. In listing of forticlient i have only 2 certificates. Also i have certificates imported under Current user. Not in Local machine.
For me is absolutely UNBELIEVABLE that Fortinet does not support their own product if you have Fortigate with support. Please look around Fortinet guys. Every major player in network segment does support their client. Or pubish the source code. I will fix it for you...
As @ebilcari suggested, I would suggest checking your xml file configuration. It appears you may be filtering the certificates or have another xml setting configured that is preventing them from being displayed. Specifically, I would inspect the 3 settings in your configuration file that I have marked with "XXXXX" below:
<forticlient_configuration>
<vpn>
<options>
<certs_require_keyspec>XXXXX</certs_require_keyspec>
</options>
<sslvpn>
<options>
<show_auth_cert_only>XXXXX</show_auth_cert_only>
</options>
<connections>
<connection>
<certificate>
XXXXX <-- This is where the settings to filter what certificates are shown in the client appear.
</certificate>
</connection>
</connections>
</sslvpn>
</vpn>
</forticlient_configuration>
Check these and report back.
Thank You for your help
<show_auth_cert_only>XXXXX</show_auth_cert_only> was set to 1 after every backup.
After rewrite to 0 save XML and restore modified XML I can see every certificate in my Current user certificate store.
Really help much.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1738 | |
1108 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.