Fortinet white logo
Fortinet white logo

Special notices

Special notices

ZTNA certificates

Zero trust network access (ZTNA) certificate provisioning requires Trusted Platform Module (TPM) 2.0 on the endpoint with one of the following:

  • Maximum of TLS 1.2 in FortiOS
  • Maximum of TLS 1.3 in FortiOS if the TPM 2.0 implementation in the endpoint supports RSA PSS signatures

For ZTNA tags for checking certificates, FortiClient (Linux) does not check user certificates and only checks root certificate authority certificates installed on the system. These routes are:

Operating system

Route

  • Ubuntu
  • Debian

/etc/ssl/certs/ca-certificates.crt

  • CentOS
  • Red Hat

/etc/pki/tls/certs/ca-bundle.crt

Special notices

Special notices

ZTNA certificates

Zero trust network access (ZTNA) certificate provisioning requires Trusted Platform Module (TPM) 2.0 on the endpoint with one of the following:

  • Maximum of TLS 1.2 in FortiOS
  • Maximum of TLS 1.3 in FortiOS if the TPM 2.0 implementation in the endpoint supports RSA PSS signatures

For ZTNA tags for checking certificates, FortiClient (Linux) does not check user certificates and only checks root certificate authority certificates installed on the system. These routes are:

Operating system

Route

  • Ubuntu
  • Debian

/etc/ssl/certs/ca-certificates.crt

  • CentOS
  • Red Hat

/etc/pki/tls/certs/ca-bundle.crt