Hi Guys,
i need to delete an expired local certificate and upload a new one but the delete botton is grayed out and i've no access to CLI (i access directly to the public ip address), how can i replace it?
if i try to import the new one i'm promped this: "Certificate file is duplicated for CA/LOCAL/REMOTE/CRL cert."
hardware is FortiWiFi 60F Region-E
thanks
regards
Solved! Go to Solution.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Hi @Maerre ,
This error usually appears when:
- Certificate is uploaded in the wrong category.
- Import a certificate without private key material.
- Upload the certificate which is already present.
Can you please delete the existing new certificate and create a new certificate with the private key in the pkcs#12 format then import the certificate:
System -> certificates -> import -> Local Certificate -> PKCS#12 Certificate.
This is a way how to update without generating a new CSR
https://community.fortinet.com/t5/FortiGate/Technical-Tip-How-to-update-a-local-certificate-installe...
https://community.fortinet.com/t5/FortiGate/Technical-Tip-How-to-import-SSL-certificate-as-a-local/t...
Here you can verify and validate a certificate following the article below:
https://community.fortinet.com/t5/FortiGate/Technical-Tip-Verifying-and-validating-the-accuracy-of-a...
Best Regards,
Vasil
Dear Maerre,
Please check the articles below, you can find detailed information there:
You can always use in the GUI the CLI console:
Best Regards,
Vasil
Hi @vdralio
thanks for the tip, i 've deleted the certificate but still have the same error when trying to import it:
"Certificate file is duplicated for CA/LOCAL/REMOTE/CRL cert."
Hi @Maerre ,
This error usually appears when:
- Certificate is uploaded in the wrong category.
- Import a certificate without private key material.
- Upload the certificate which is already present.
Can you please delete the existing new certificate and create a new certificate with the private key in the pkcs#12 format then import the certificate:
System -> certificates -> import -> Local Certificate -> PKCS#12 Certificate.
This is a way how to update without generating a new CSR
https://community.fortinet.com/t5/FortiGate/Technical-Tip-How-to-update-a-local-certificate-installe...
https://community.fortinet.com/t5/FortiGate/Technical-Tip-How-to-import-SSL-certificate-as-a-local/t...
Here you can verify and validate a certificate following the article below:
https://community.fortinet.com/t5/FortiGate/Technical-Tip-Verifying-and-validating-the-accuracy-of-a...
Best Regards,
Vasil
thanks for the tips, helped me a lot to resolve.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1732 | |
1106 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.