angelop91
New Contributor

Wireless Captive Portal Authentication using SAML Credentials and Azure as IdP

Hi everybody,

 

I am trying to configure Wi-Fi access with SAML and Azure following this guide: https://community.fortinet.com/t5/FortiGate/Technical-Tip-Wireless-Authentication-using-SAML-Credent...

 

In essence, I have configured an FQDN instead of the IP of the SSID, which is resolved internally by the FortiGate DNS; the certificate is a wildcard signed by a CA. What happens is that when I try to connect to the SSID, I am redirected correctly to the FQDN I have configured, but I get a certificate error as it does not match the CN of the FQDN but looks like Fortinet. Do you know how I can change the certificate presented to me?

Thanks in advance.

3 REPLIES
kiri
Staff

Hi angelop91,
Did you upload the wildcard cert to the firewall and configure it?
You can set the cert in 2 sections.

 

config system global
    set admin-server-cert <your_wildcard_cert>
end

 

and/or

 

config user setting
    set auth-cert <your_wildcard_cert>
end

 

Make sure the wildcard is set in both.
If you can't set it in config user setting, then it's not available on your FOS version.
config system global only should do in that case.

Let me know if this helps.

angelop91
New Contributor

Hi @cchiriches

 

Yes, the wildcard cert is set in both places you advised, but the captive portal web page still presents the Fortinet certificate instead of the wildcard.

kiri

Hi angelop91,

Sorry for the late reply.

Please run this on the firewall and check where else the factory cert is set.

show full-configuration | grep -f Fortinet_Factory

See if this helps to identify where else you should replace it.

But I can't think of any other place except the two I mentioned already.
