[Solved] Firmware 5.2.3 and Wildcard SSL Certificates
I am trying to install a wildcard SSL certificate on our Fortigate 200D running firmware 5.2.3. I generated the certificate request right on the firewall itself. I am able to import the .crt certificate into the "External CA Certificates" section of the Certificates page under System > Certificates. However, I cannot select the certificate to use anywhere else - for example, under VPN > SSL > Settings > Server Certificate. It only allows me to select the factory certificate. Tech Support requested that I import the certificate as a local certificate, but when I try to do that, I get an error message - "The imported local certificate is invalid" - and cannot proceed. Has anyone had any better luck than I have and could point me in the right direction?
I was able to figure it out. I think the problem was generating the certificate request on the firewall itself and something happened to the private key. I generated a new request with OpenSSL on a different machine, exported the private key and rekeyed my certificate. I was then able to import the new certificate and private key.
While I didn't follow these two links exactly, they did provide some help, in case anyone else runs into the same issue I did.
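An added example, not part of the original thread: generating the key and wildcard CSR with OpenSSL off the firewall, as the fix above describes, and confirming that a certificate and a private key belong together before importing them as a local certificate. The function names, the file names, the RSA 2048 key type and the `example.com` domain in the usage comment are assumptions chosen for illustration.

```shell
#!/bin/sh
# Added example (not from the original thread). Names and paths are placeholders.
# The private key is written unencrypted, so keep the output directory private.

# Create a new private key and a wildcard CSR for domain $1 in directory $2.
gen_wildcard_csr() {
    domain=$1; dir=$2
    ( umask 077
      openssl req -new -newkey rsa:2048 -nodes \
          -keyout "$dir/wildcard.key" -out "$dir/wildcard.csr" \
          -subj "/CN=*.$domain" \
          -addext "subjectAltName=DNS:*.$domain,DNS:$domain" ) 2>/dev/null
}

# Print a SHA-256 fingerprint of the public key inside a key, CSR or cert file.
# Fails (non-zero, no output) if the file is missing or cannot be parsed.
pubkey_fp() {
    case $1 in
        key)  pub=$(openssl pkey -in "$2" -pubout 2>/dev/null) ;;
        csr)  pub=$(openssl req  -in "$2" -noout -pubkey 2>/dev/null) ;;
        cert) pub=$(openssl x509 -in "$2" -noout -pubkey 2>/dev/null) ;;
        *)    return 2 ;;
    esac || return 1
    [ -n "$pub" ] || return 1
    printf '%s\n' "$pub" | openssl dgst -sha256 -r | cut -d' ' -f1
}

# Succeed only when certificate $1 carries the public half of private key $2.
cert_matches_key() {
    c=$(pubkey_fp cert "$1") || return 1
    k=$(pubkey_fp key "$2") || return 1
    [ "$c" = "$k" ]
}

# Usage (run on a workstation, not on the firewall):
#   gen_wildcard_csr example.com ./out     # submit ./out/wildcard.csr for the rekey
#   cert_matches_key issued.crt ./out/wildcard.key && echo "pair is consistent"
```

A pair that fails `cert_matches_key` means the certificate was issued against a different key, so the key to import is not the one the CSR was generated from.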