Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Cyriel
New Contributor

[deep-scanning] Import Firefox root-CA list

Hello,

 

I try to export all firefox root-ca for import to the Fortigate Unit.

Do you have any idea for the best solution ?

 

The goal is activate this option for control if the CA Certificate is signed by trusted CA.

config firewall ssl-ssh-profile
edit deep-inspection
config https
set allow-invalid-server-cert disable
set ssl-ca-list enable
end
end

 

Thank you for your help.

1 REPLY 1
Cyriel
New Contributor

I found the perl script mk-ca-bundle that I adapted for Fortigate.

You can find it here : http://git.noweak.fr/cyriel/mk-ca-bundle-pl/blob/master/mk-ca-bundle.pl

 

Usage : ./mk-ca-bundle.pl -v -d release -p ALL:ALL

Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors