Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Contributor II

Signing FortiClient packages using EMS

Hello everybody,

I've been having difficulty installing FortiClient via EMS on Windows clients. I realized that a problem could be the Windows smartscreen.

Through EMS it is possible to import an ssl certificate to be able to sign FortiClient packages.

Through this procedure I created the certificate template, issued it and imported it on EMS:

Create a code signing cert for Windows Defender Application Control


I then tried installing the package on a client but the smartscreen continues to prevent the installation from starting until you hit run anyway.

The certificate chain is present on all Servers/Clients.


Could the problem be too narrow smart screen settings?


thanks in advance for your sharing.


Community Manager
Community Manager

Hello ac,


Thank you for using the Community Forum.

I will seek to get you an answer or help. We will reply to this thread with an update as soon as possible.


Anthony-Fortinet Community Team.



Please note that EMS does not have any settings for Windows SmartScreen:



For now, you can disable Windows SmartScreen only.


Windows SmartScreen settings in EMS would be a new feature request. Please contact Fortinet regional sales partner channel and make this feature request.

Or Fortinet Local Sale Engineer


Kind regards

Chavdar Tanev


Chavdar Tanev
Contributor II

The first error indicates that the application being installed is not signed, for this reason I issued and installed the ssl certificate to sign the FortiClient package.

I thought it would help, but we have noticed that the SmartScreen keeps crashing the installation reporting the same problem.

The next error states "Microsoft Defender SmartScreen prevented an unrecognized app from starting."

Top Kudoed Authors