Fortinet Document Library

Version:

Version:


Table of Contents

Cookbook

Download PDF
Copy Link

Configure the local root CA

You can now configure a local CA on FortiAuthenticator. This will be used to generate client certificates for authentication via EAP-TLS.

To configure the Local Root CA:
  1. In Certificate Management > Certificate Authorities > Local CAs, select Create New.
  2.  Configure the following settings:
    1. Set the Certificate ID to the Local_Root_CA_Name.
    2. In Certificate Authority Type, set the Certificate Type to Root CA.
    3. In Subject Information, configure the Name, Department, Company, City, State/Province, Country, and Email address for your certificate.
    4. In Advanced Options > Key Usages, choose all Key Usages and Extended Key Usages.
  3. Leave all other settings as their default, and click OK.

Configure the local root CA

You can now configure a local CA on FortiAuthenticator. This will be used to generate client certificates for authentication via EAP-TLS.

To configure the Local Root CA:
  1. In Certificate Management > Certificate Authorities > Local CAs, select Create New.
  2.  Configure the following settings:
    1. Set the Certificate ID to the Local_Root_CA_Name.
    2. In Certificate Authority Type, set the Certificate Type to Root CA.
    3. In Subject Information, configure the Name, Department, Company, City, State/Province, Country, and Email address for your certificate.
    4. In Advanced Options > Key Usages, choose all Key Usages and Extended Key Usages.
  3. Leave all other settings as their default, and click OK.