SSL VPN with LDAP authentication
Hi everyone. I need to configure SSL VPN with LDAP authentication.
Is it obligatory to generate a certificate from my Windows server, or use the built-in certificate of FortiGate, or buy a certificate for my VPN connection?
Please help.
- Labels: SSL-VPN
Hello @matchelo
You have 3 options:
1. Generate a Certificate from Windows Server: You can generate and export a CA certificate from your Windows Server and import it into the FortiGate for SSL VPN authentication.
2. Use the Built-in Certificate of FortiGate: FortiGate provides a default self-signed certificate that you can use for SSL VPN. However, it is recommended to use a trusted CA certificate for better security.
3. Buy a Certificate for VPN Connection: You can purchase a certificate from a trusted Certificate Authority (CA) for your VPN connection. This option provides the highest level of security and trust for your SSL VPN setup.
4. Install a Let's Encrypt certificate, which is a trusted CA and free. It's as secure as a paid certificate, and supports automatic renewal through the ACME protocol.
The main issue with using a built-in or self-signed certificate is that you'll get a certificate warning unless you install the root certificate to your trusted root certificate store. Also, renewals are a very manual job.
And regarding option 1, you can generate a certificate from a Linux computer too, just saying :)