Technical Tip How to downlod a certificate on FortiClient EMS cloud

Hiroki · ‎12-01-2022

We need to get a certificate on Forticlient EMS cloud. because we want to connect to our Fortigate and FortiClient EMS cloud (ZTNA)

We read a munual of FortiClient EMS cloud. The munaual said "Configure FortiClient Cloud in Security Fabric > Settings > FortiClient Endpoint Management System (EMS) in FortiOS."

But our Fortigate cannot connect FortiClient EMS cloud.

The error message is certificate authentication is failed .

So we want to download a certificate from FortClient EMS cloud in order to import forticlient EMS cloud certificate on our Fortigate.

Please tell me how to download a certificaate on FortiClient EMS Cloud?

I cannot find download botton on Forticlient EMS cloud.

Anthony_E · ‎12-04-2022

Hello Hiroki,

Thank you for using the Community Forum.

I will seek to get you an answer or help. We will reply to this thread with an update as soon as possible.

Regards,

Anthony-Fortinet Community Team.

Anthony_E · ‎12-06-2022

Hello Hiroki,

could you indicate us, which version you are using please?

Regards,

Anthony-Fortinet Community Team.

Hiroki · ‎12-06-2022

Thank you for the reply.

The OS version is this.

.Fortigate is 7.2.2 .

.Forticloud is 7.0.7.0398 .

Thank you.

Anthony_E · ‎12-06-2022

Hello Hiroki,

I have found this guide:

https://docs.fortinet.com/document/forticlient/7.0.4/ems-administration-guide/845200/ca-certificates

Could you please have a look and tell us if it is helping?

Regards,

Anthony-Fortinet Community Team.

Hiroki · ‎12-12-2022

Hello Anthony,

Thank you for the advise.

I tried it, but our Fortigate cannot connect Forticlient EMS Cloud.

And I read the manual.

https://docs.fortinet.com/document/forticlient/7.0.7/ems-administration-guide/319002/configuring-ems...

However, the items in the sharing settings are different from the manual.

The item is following.

Can FortClient EMS Cloud connect to FortiGate?

Thank you.

RachelGomez123 · ‎12-12-2022

To configure an automated SSL certificate in FortiClient EMS:
Go to System Settings > EMS Settings.
Ensure that Remote HTTPS access and Redirect HTTP request to HTTPS are enabled. Externally access EMS via ports 80 and 443 is possible using the configured fully qualified domain name (FQDN).
In the SSL certificate field, click the Import SSL certificate button.
Select Automated.
In the Domain field, enter the EMS FQDN. For the Let's Encrypt server to issue the certificate, the public DNS server must resolve the EMS FQDN to the EMS public IP address.
In the Email field, enter a valid email address.
If desired, enable Auto Renew. When Auto Renew is enabled, FortiClient EMS automatically renews the certificate before expiry.
Select the checkbox to agree to Let's Encrypt's terms of service.
Click Import.
To manually upload an SSL certificate in FortiClient EMS:
Go to System Settings > EMS Settings.
In the SSL certificate field, click the Import SSL certificate button.
Select Upload.
In the Certificate field, browse to and select the desired certificate.
In the Certificate Password field, configure the desired password for the certificate.
Click Upload.

Regards,

Rachel Gomez

Hiroki · ‎12-12-2022

Thank you for the advise.

However We cannot find the HTTPS access setting?

I attach the configurable Forticlient EMScloud screen below.

Br;

ikatutu · ‎04-24-2023

Did you find the solution for this issue yet... we have a similar issue with the forticlient EMS cloud. please let me know if you find a solution and what you did to fix it... thank you so much

btan · ‎04-24-2023

Hello,

Are you trying to setup FGT<>EMS Cloud fabric connector? For EMS Cloud, both FGT S/N and EMS Cloud must be registered under the same FortiCloud account to form a connector. I'd advise to raise a ticket to TAC for them to check for you.

Regards,
Bon

Technical Tip How to downlod a certificate on FortiClient EMS cloud

Nominate a Forum Post for Knowledge Article Creation

You are leaving our website