You can now configure a local CA on FortiAuthenticator. This will be used to generate client certificates for authentication via EAP-TLS.
- In Certificate Management > Certificate Authorities > Local CAs, select Create New.
- Configure the following settings:
- Set the Certificate ID to the Local_Root_CA_Name.
- In Certificate Authority Type, set the Certificate Type to Root CA.
- In Subject Information, configure the Name, Department, Company, City, State/Province, Country, and Email address for your certificate.
- In Advanced Options > Key Usages, choose all Key Usages and Extended Key Usages.
- Leave all other settings as their default, and click OK.