
Wireless Captive Portal Authentication using SAML Credentials and Azure as IdP

Hi everybody,


I am trying to configure WiFi access with SAML and Azure following this guide


In essence, I have configured an FQDN instead of the IP of the SSID, which is resolved internally by the FortiGate DNS; the certificate is a wildcard signed by a CA. What happens is that when I try to connect to the SSID, I am redirected correctly to the FQDN I have configured, but I get a certificate error, as it does not match the CN of the FQDN but looks like Fortinet. Do you know how I can change the certificate presented to me?

Thanks in advance.


Hi angelop91,
Did you upload the wildcard cert to the firewall and configure it?
You can set the cert in 2 sections.


config system global
    set admin-server-cert <wildcard_cert_name>
end

config user setting
    set auth-cert <wildcard_cert_name>
end


Make sure the wildcard is set in both.
If you can't set it in config user setting, then it's not available on your FOS version.
In that case, config system global alone should do.

Let me know if this helps.


Hi @cchiriches


Yes, the wildcard cert is set in both places you advised, but the captive portal web page still presents the Fortinet certificate instead of the wildcard.


Hi angelop91,

Sorry for the late reply.

Please run this on the firewall to check where else the factory cert is set.

show full-configuration | grep -f Fortinet_Factory

See if this helps to identify where else you should replace it.

But I can't think of any other place except the two I mentioned already.
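
Added example, not part of the thread and not Fortinet's code: the same check as the grep above, run offline against a saved configuration backup, reporting the config section that each remaining factory-certificate reference belongs to. The sample configuration, the certificate name wildcard_example and the group and member names are constructed for illustration.

```python
import re

# Constructed sample of a FortiOS configuration backup (not taken from the thread).
SAMPLE_CONFIG = '''\
config system global
    set admin-server-cert "wildcard_example"
    set hostname "FGT-LAB"
end
config user setting
    set auth-cert "Fortinet_Factory"
end
config user group
    edit "wifi-saml"
        set member "azure-saml"
    next
end
'''

def find_cert_refs(config_text, needle="Fortinet_Factory"):
    """Return (config path, setting, value) for each 'set' line whose value contains needle."""
    stack, hits = [], []
    for raw in config_text.splitlines():
        line = raw.strip()
        if line.startswith(("config ", "edit ")):
            # Entering a section or a table entry: remember where we are.
            stack.append(line)
        elif line in ("end", "next"):
            # Leaving the innermost section or entry.
            if stack:
                stack.pop()
        elif line.startswith("set "):
            m = re.match(r"set\s+(\S+)\s+(.*)", line)
            if m and needle in m.group(2):
                hits.append((" / ".join(stack), m.group(1), m.group(2).strip('"')))
    return hits

if __name__ == "__main__":
    for path, key, value in find_cert_refs(SAMPLE_CONFIG):
        print(f"{path}: {key} = {value}")
```

Any section it reports other than the two named in the replies is a further place where the factory certificate is still selected.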

