Windows PKI certificate does not work with FortiClient VPN for Mac OSX

Kauly · ‎09-11-2024

I have the problem that when I use my personal PKI certificate of our domain under a Windows FortiClient VPN I have no problems, but when I want to use this or another certificate created for the Mac, I get a “Permission denied”.

If I use a certificate created with Open SSL, the connection works.

Does anyone here have any idea what needs to be changed in the certificate template in the PKI so that the certificates also work with the FortiClient for Mac, or where the problem lies?

With best regards
Michael

AEK · ‎09-11-2024

Did you install the CA certificate on your MacOS (Keychain Access)?

AEK

Kauly · ‎09-11-2024

yes, I have installed them

AEK · ‎09-11-2024

The issue may be other.

Can you export and share logs from FortiClient? (you can remove public IP from output).

And try run debug on FG while you connect.

diagnose debug application sslvpn -1
diagnose debug enable

AEK

Kauly · ‎09-12-2024

Hello, thanks for the answer. Yes, I can export the log, but I can't activate the debug mode in the free FortiClient VPN via the settings. Or where would I have to enter the debug parameters from you, or what do you mean by “FG”?

AEK · ‎09-12-2024

Hi Kauly

The debug commands must be run on the remote VPN server (FortiGate)

AEK

Windows PKI certificate does not work with FortiClient VPN for Mac OSX

Nominate a Forum Post for Knowledge Article Creation

You are leaving our website