ZTNA certificate acceptance and forticlient update notifications
1 we use ztna with azure ad authentication this works perfect but the users still get a popup for the fortigate certificate. This isn’t user friendly. Did you disabled the certificate in ztna or how did you solve this issue?
2 we have an onnet configuration where the ztna rules are removed and a offnet setup where the rules are set and the users are able to connect via ZTNA. The forticlient sends notifications when the rules are added or removed. Is it possible to stop notifications on/via the forticlient installed on our windows laptops?
The issuing CA of the ceritifcate needs to be trusted. The default FortiGate certificates are all issued by the built-in FortiGate CA which by default (of course) is not trusted by anyone. You either need to install that CA cert and trust it on all your devices, or use your own trusted PKI and generate a new cert or purchase a cert from a trusted authority.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.