Technical Tip: SSL/TLS and the use of Digital Cert...

Markus_M · 09-10-2025

Description This article describes FTP communication through FortiProxy and the required Syntax with CURL. Scope FortiProxy may also be applicable for FortiGate to some extent. Solution CURL is a versatile command-line program available for Linux and...

Markus_M · 07-07-2025

Description This article describes general troubleshooting and considerations when deploying the FortiAuthenticator to handle FSSO operation in high-performance environments. Scope FortiAuthenticator is used as an FSSO Collector. Solution Table of co...

Markus_M · 11-04-2024

Description This article describes an example use case for certmonger and the FortiAuthenticator as SCEP server. Note that certmonger is a third party tool and not endorsed by Fortinet. Its documentation can be found here:https://www.freeipa.org/page...

Markus_M · 09-05-2024

Description This article describes the general setup on an SMS gateway. It links to a few more specific setups as well. It intends to expand the documentation on the administration guide: SMS Gateway documentation Note that this does not include the ...

Markus_M · 09-21-2023

Description This article describes best practices for hardening environments with the FortiAuthenticator. It may in parts be true for other installations. Scope FortiAuthenticator all versions. FortiGate configuration is referred to in parts. Solutio...

Markus_M · 10-14-2025

Then you may need to re-check what you created and uploaded, what the switch and firmware is. It works fine for me on a FortiSwitch. I can select the certificate in the SSL config as GUI HTTPS certificate.

Markus_M · 10-14-2025

You'll need a tool to check certificates sent by the server (FAC). As said, just browsing FortiAuthenticator from the end station without a captive portal has to work without issues. You can use OpenSSL to check from within the guest network, unauthe...

Markus_M · 10-14-2025

Make sure it has the correct key usages (digitalSignature, keyEncipherment) on the certificate and extended key usage (server authentication).

Markus_M · 10-14-2025

Multiple things that are unrelated to each other. @Jasys wrote: same if you go direct to the FAC address. That must work without error. First verify that this indeed is the FortiAuthenticator certificate. If the phone has a problem trust what FortiAu...

Markus_M · 10-12-2025

You would want to check and compare logs of when it sometimes works and sometimes doesn't. See if you have that occurrence for the same user, and try to spot what the reason for different results on the same query is.

User Statistics

User Activity

Technical Tip: Explicit FTP proxy communication with CURL through FortiProxy

Technical Tip: FSSO performance optimization for FortiAuthenticator as collector

Technical Tip: Example of use of certmonger and FortiAuthenticator as SCEP server.

Technical Tip: General SMS Gateway configuration for OTP or second factor authentication

Technical Tip: Best practices on hardening FortiAuthenticator environments

Re: Uploaded SSL certificate self signed missing on FortiSwitch

Re: Apple Devices with Captive Portal

Re: Uploaded SSL certificate self signed missing on FortiSwitch

Re: Apple Devices with Captive Portal

Re: Problem logout using Fortiauthenticator OAUTH2 service

Technical Tip: SSL/TLS and the use of Digital Cert...

Technical Tip: Best practices on hardening FortiAu...

Technical Tip: Configuring DPD (dead peer detectio...

Technical Tip: FSSO performance optimization for F...

Technical Tip: DHCP address leases on a FortiGate

Re: 802.1X Wireless Machine Certificate based RADI...

Re: LDAP cert Configuration error

Re: UNABLE TO ACCESS MY GATEWAY VIA WEB GUI OR SSH

Re: FortiAuthenticator Guest Captive Portal Cannot...

Re: Detailed Specifications of 　File System Check ...

KCS

User Statistics

User Activity

You are leaving our website