Fortinet black logo

Session-Aware Load Balancing Cluster Guide

Replacing the default management certificate

5.2.10
Copy Link
Copy Doc ID 31a89d05-200d-11e9-b6f6-f8bc1258b856:981175
Download PDF

Replacing the default management certificate

The default Fortinet_Factory certificate, used for HTTPS and SSH management connections with the FortiController, has a key strength is 1024 bits. If you want to use your own certificate, which may have a higher key strength, and other advantages, such as being trusted on your network, you can use the execute user certificate upload command to install your custom certificate on the FortiController.

Then you can use the following command to replace the default server certificate with your custom certificate.

config system global

set admin-server-cert <certificate-name>

end

For security reasons, certificates are not synchronized between FortiControllers. So you need to upload the certificate and repeat the set admin-server-cert command on each FortiController in your SLBC cluster.

Replacing the default management certificate

The default Fortinet_Factory certificate, used for HTTPS and SSH management connections with the FortiController, has a key strength is 1024 bits. If you want to use your own certificate, which may have a higher key strength, and other advantages, such as being trusted on your network, you can use the execute user certificate upload command to install your custom certificate on the FortiController.

Then you can use the following command to replace the default server certificate with your custom certificate.

config system global

set admin-server-cert <certificate-name>

end

For security reasons, certificates are not synchronized between FortiControllers. So you need to upload the certificate and repeat the set admin-server-cert command on each FortiController in your SLBC cluster.