drClays
New Contributor

Problem with HTTPS certificate - FQDN URL shows self-signed certificate

Hi,

I have a FortiGate 100F v6.4.7 build 1911 (GA) and I tried to implement a cert from my ADCS to use a safe URL via FQDN.

I applied the certificate here:

drClays_0-1648539855521.png

But when I use the URL https://fortigate.domain.local I get an untrusted certificate, because I see a self-signed cert from the FortiGate.

View from CLI:

drClays_1-1648540050048.png

 

View from the website:

drClays_2-1648540132104.png

 

View of implemented cert:

drClays_3-1648540230932.png

What do I need to change so that my cert is presented on the website?

pminarik
Staff

Does this certificate contain a Subject Alternative Name (SAN) that matches the accessed FQDN? ("fortigate.xxx.local")

Setting just the CN to the desired FQDN is not sufficient in modern browsers; the SAN field must match the FQDN as well. Here's a screenshot of this website's SAN field to give a visual example:

[Screenshot: community certificate SAN field]

This is not shown in your screenshot, so either it is missing, or the screenshot was just cut off. Alternatively, if you open the developer tools panel in Chrome and open the security tab once the GUI is loaded, it should give a hint about what exactly is causing this certificate validation to fail.

[ corrections always welcome ]
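
The SAN-versus-CN check described in the reply above, as an added example that is not part of the original thread or any Fortinet tooling: it classifies a certificate for the FQDN from the question. The certificate dicts follow the layout of Python's `ssl.SSLSocket.getpeercert()`; the sample certificates, the `diagnose` function and the `Example-ADCS-CA` name are constructed for illustration.

```python
# Added example: why would a browser reject this certificate for this host?
# Input dicts use the layout returned by ssl.SSLSocket.getpeercert().

def _field(name, key):
    """Return the first value of `key` in a subject/issuer RDN sequence."""
    for rdn in name:
        for k, v in rdn:
            if k == key:
                return v
    return None

def _matches(pattern, host):
    """Case-insensitive DNS match; '*' may only stand for the whole left-most label."""
    p, h = pattern.lower().rstrip("."), host.lower().rstrip(".")
    if p == h:
        return True
    if p.startswith("*."):
        return "." in h and h.split(".", 1)[1] == p[2:]
    return False

def diagnose(cert, host):
    findings = []
    # Heuristic: identical subject and issuer means self-issued (no signature check here).
    if cert.get("subject") and cert.get("subject") == cert.get("issuer"):
        findings.append("self-signed")
    sans = [v for t, v in cert.get("subjectAltName", ()) if t == "DNS"]
    cn = _field(cert.get("subject", ()), "commonName")
    if any(_matches(s, host) for s in sans):
        findings.append("san-match")      # what modern browsers require
    elif sans:
        findings.append("san-mismatch")   # SAN present but for another name
    elif cn and _matches(cn, host):
        findings.append("cn-only")        # CN matches, SAN missing: still rejected
    else:
        findings.append("no-match")
    return findings

HOST = "fortigate.domain.local"  # FQDN from the original post

def name(cn):
    return ((("commonName", cn),),)

# Constructed sample certificates, not taken from the poster's device.
FACTORY = {"subject": name("FortiGate"), "issuer": name("FortiGate")}
CN_ONLY = {"subject": name(HOST), "issuer": name("Example-ADCS-CA")}
WITH_SAN = dict(CN_ONLY, subjectAltName=(("DNS", HOST),))

if __name__ == "__main__":
    for label, cert in [("factory", FACTORY), ("cn-only", CN_ONLY), ("with-san", WITH_SAN)]:
        print(label, diagnose(cert, HOST))
```
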