SSL_VPN/Https/SAMP SP signing Certificate is about to expire. I have been able to import it in our other firewall 1 via the GUI after changing private key format to UTF-8 but I have a difficulty on the other firewall 2 that Im unable to import the certificate and getting this error "Incorrect certificate file format for CA/LOCAL/CRL/REMOTE cert."
- 2 FGVM
-FOS 7.0.14
Thank you!
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Hi @martyyy - Are you using signed certificate from the vendor? If so, you can ask them to provide the .pfx file and upload it on FortiGate System>Certificates>Create/Import>Certificate>Import Certificate>Choose PKCS#12 Certificate>Upload.
Hi, If expire certificate is not delete from foritgate and you have update it through cli without generating CSR.
Please click on below link and reference document.
We get an updated cert in PEM format(*.crt) every year. So simply follow the KB to create a new one with slightly different name like "xxxx-2024".
https://community.fortinet.com/t5/FortiGate/Technical-Tip-How-to-import-a-new-local-certificate-afte...
Toshi
Hi @rtanagras @Toshi_Esumi ,
Thank you guys for your insights. I managed to import the certificate after rebooting the firewall.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1714 | |
1093 | |
752 | |
447 | |
232 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.