Technical Tip: Generate CSR via FortiGate CLI

jmacdonaldplante · 04-12-2016

DescriptionAs of January 1st, 2016, most modern browsers (For example: FireFox and Chrome) will no longer accept certificates signed using SHA-1 as SHA-1 is no longer considered secure. As such, network security engineers should be updating their cer...

jmacdonaldplante · 05-14-2015

Description This article describes that there may be scenarios where a Certificate and its Private Key is needed on multiple FortiGate/FortiWifi Appliances and/or virtual machines.The steps to follow will typically work between different firmware, bu...

jmacdonaldplante · 05-01-2015

DescriptionHow to use FortiToken PKI Manager with Active Directory to sign and load user certificates onto a FortiToken 300 (a hardened USB key for containing Private Keys and Public Certificates). The steps covered include: setup an Enrollment Agent...

jmacdonaldplante · 05-01-2015

Description This article explains how to generate a CSR in the FortiGate CLI. Solution To generate a CSR from the FortiGate CLI, the following command can be used – 'execute vpn certificate [store] generate [...]' Command Syntax: execute vpn certific...

jmacdonaldplante · 05-01-2015

DescriptionIn FortiOS 5, Certificate Signing Requests (CSRs) can include multiple Subject Alternative Names. In the GUI, the Subject Alternative Name (SAN) text field does allows multiple items to be entered(comma delimited), the text field itself ha...

User Statistics

User Activity

Technical Note: SHA versions for SSL Certificates and Limitations

Technical Tip: Moving or copying a Certificate and its Private Key to another FortiGate or FortiWiFi

Use Certificate Enrollment Wizard to install User Certificates onto a FortiToken-300

Technical Tip: Generate CSR via FortiGate CLI

Generate CSR via CLI when Subject Alternative Name field is long (FortiOS 5.0)

Technical Tip: Generate CSR via FortiGate CLI

Use Certificate Enrollment Wizard to install User ...

Fortinet Training Institute

KCS