We need to get a certificate on Forticlient EMS cloud. because we want to connect to our Fortigate and FortiClient EMS cloud (ZTNA)
We read a munual of FortiClient EMS cloud. The munaual said "Configure FortiClient Cloud in Security Fabric > Settings > FortiClient Endpoint Management System (EMS) in FortiOS."
But our Fortigate cannot connect FortiClient EMS cloud.
The error message is certificate authentication is failed .
So we want to download a certificate from FortClient EMS cloud in order to import forticlient EMS cloud certificate on our Fortigate.
Please tell me how to download a certificaate on FortiClient EMS Cloud?
I cannot find download botton on Forticlient EMS cloud.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Hello Hiroki,
Thank you for using the Community Forum.
I will seek to get you an answer or help. We will reply to this thread with an update as soon as possible.
Regards,
Hello Hiroki,
could you indicate us, which version you are using please?
Regards,
Thank you for the reply.
The OS version is this.
.Fortigate is 7.2.2 .
.Forticloud is 7.0.7.0398 .
Thank you.
Hello Hiroki,
I have found this guide:
https://docs.fortinet.com/document/forticlient/7.0.4/ems-administration-guide/845200/ca-certificates
Could you please have a look and tell us if it is helping?
Regards,
Hello Anthony,
Thank you for the advise.
I tried it, but our Fortigate cannot connect Forticlient EMS Cloud.
And I read the manual.
However, the items in the sharing settings are different from the manual.
The item is following.
Can FortClient EMS Cloud connect to FortiGate?
Thank you.
To configure an automated SSL certificate in FortiClient EMS:
Go to System Settings > EMS Settings.
Ensure that Remote HTTPS access and Redirect HTTP request to HTTPS are enabled. Externally access EMS via ports 80 and 443 is possible using the configured fully qualified domain name (FQDN).
In the SSL certificate field, click the Import SSL certificate button.
Select Automated.
In the Domain field, enter the EMS FQDN. For the Let's Encrypt server to issue the certificate, the public DNS server must resolve the EMS FQDN to the EMS public IP address.
In the Email field, enter a valid email address.
If desired, enable Auto Renew. When Auto Renew is enabled, FortiClient EMS automatically renews the certificate before expiry.
Select the checkbox to agree to Let's Encrypt's terms of service.
Click Import.
To manually upload an SSL certificate in FortiClient EMS:
Go to System Settings > EMS Settings.
In the SSL certificate field, click the Import SSL certificate button.
Select Upload.
In the Certificate field, browse to and select the desired certificate.
In the Certificate Password field, configure the desired password for the certificate.
Click Upload.
Regards,
Rachel Gomez
Thank you for the advise.
However We cannot find the HTTPS access setting?
I attach the configurable Forticlient EMScloud screen below.
Br;
Created on 04-24-2023 12:24 PM Edited on 04-24-2023 12:27 PM
Did you find the solution for this issue yet... we have a similar issue with the forticlient EMS cloud. please let me know if you find a solution and what you did to fix it... thank you so much
Hello,
Are you trying to setup FGT<>EMS Cloud fabric connector? For EMS Cloud, both FGT S/N and EMS Cloud must be registered under the same FortiCloud account to form a connector. I'd advise to raise a ticket to TAC for them to check for you.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1517 | |
1013 | |
749 | |
443 | |
209 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.