Technical Tip: Generate CSR via FortiGate CLI

jmacdonaldplante · 04-12-2016

DescriptionAs of January 1st, 2016, most modern browsers (For example: FireFox and Chrome) will no longer accept certificates signed using SHA-1 as SHA-1 is no longer considered secure. As such, network security engineers should be updating their cer...

jmacdonaldplante · 05-14-2015

Description This article describes that there may be scenarios where a Certificate and its Private Key is needed on multiple FortiGate/FortiWifi Appliances and/or virtual machines.The steps to follow will typically work between different firmware, bu...

jmacdonaldplante · 05-01-2015

Description This article explains how to generate a CSR in the FortiGate CLI. Scope FortiGate. Solution To generate a CSR from the FortiGate CLI, the following command can be used – 'execute vpn certificate [store] generate [...]' Command Syntax: exe...

jmacdonaldplante · 05-01-2015

DescriptionIn FortiOS 5, Certificate Signing Requests (CSRs) can include multiple Subject Alternative Names. In the GUI, the Subject Alternative Name (SAN) text field does allows multiple items to be entered(comma delimited), the text field itself ha...

jmacdonaldplante · 04-17-2015

Description This article describes that while FortiOS does have an option for importing PKCS#12 formatted certificates, there are scenarios in which FortiOS will claim that the file is an invalid certificate or get an error 'Certificate parse PKCS12 ...

User Statistics

User Activity

Technical Note: SHA versions for SSL Certificates and Limitations

Technical Tip: Moving or copying a Certificate and its Private Key to another FortiGate or FortiWiFi