Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
dmlynarczyk
New Contributor

TCP port 514 in FortiAnalyzer >> How to set custom certificate for that service?

TCP port 514 in FortiAnalyzer >> custom certificate

During a recent vulnerability security scanning, TCP port 514 has been flagged out to be have weak SSL cert.

The recommendation was to get a propert SSL certificate for the appliance.. but there is no option to do this..

Under the FA admin console we can upload only custom ssl for web access on port 443, but I can't find the option for ssl on port 514..I will be grateful for any advice how to set ssl from internal CA for this service on port 514.

 

Thx,

2 REPLIES 2
nathan_h
Staff
Staff

Hi dmlynarczyk,

 

Can you check the KB Article below if this what you are trying to achieve?

 

https://community.fortinet.com/t5/FortiAnalyzer/Technical-Tip-How-to-use-an-alternate-server-certifi...

Nathan
FCP-NS, FCP-PCS, FCP-SO, FCSS-NS, FCSS-PCS, FCSS-SASE
demeinpre
New Contributor

I have smallstep in my internal homelab domain and it has been rock solid. Internal ACME works seamlessly. And use cert requests against the CA for case where I can't easily wire in acme. I use letsencrypt for the public side but still proxy through cloudflare for most external services https://vidmate.bid/

Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors