After its pastes do the ending quote “ and press enter. Just simply type in the command set certificate and then a double quote “ and past the cert whole. I tried to first do double quotes, and past the cert in the middle – that does not work. Set certificate “-–BEGIN CERTIFICATE-– mPjDQDYkYHKcTrGa6aH7e1w1uM7kdaBAjyAgM7xcmuTrsCeLYfd+BwIDAQABo4IDTDCCA0gwPQYJKwYBBAGCNxUHBDAwLgYmKwYBBAGCNxUIorRWhO7dYIKtkziB9KY0Īnd Press enter – The issues I had was with the quotes. Then log into the fortigate VIA cli – Putty or some kind of SSL client is way better for doing this then the web client. Open the cert with a text editor – maybe notepad – and copy the cert. They send the new cert to me, but what do I do with it… Lets say I have that will expire in 2 days – I log into my CA (godaddy in my case) and renew the cert. I had an issue following the doc so I though I would clear the water and see if I could help someone down the road. The Fortinet KB article to do it is located here: Updating the certificate the Fortigate is using is very easy, but I had problems with the syntax so I am documenting it here. Up until last week I had never updated a signed certificate, I had just created a new CSR, and rekeyed the cert. Certificates for VPN, SSL Offloading (if using Load balancing), or a signed device cert expire, we all know this.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |