If you want to use a trusted private CA to sign the certificate, use the CSR to apply for an SSL certificate with your trusted private CA.
- On FortiAuthenticator, go to Certificate Management > Certificate Authorities > Local CAs and select Import.
- Set Type to CSR to sign, enter a Certificate ID, and specify the example-cert.csr file.
Select the Certificate authority from the dropdown menu and set Hash algorithm to SHA-256.
When the certificate is imported, you see that example_cert has been signed by the FortiAuthenticator; Status shows Active and the CA Type shows Intermediate (non-signing) CA.
- Select the certificate and select Export Certificate. This saves the example-cert.crt file to your local drive.