Fortinet black logo

Cookbook

Getting the certificate signed by a CA

Copy Link
Copy Doc ID 4d801240-7ccc-11e9-81a4-00505692583a:530183
Download PDF

Getting the certificate signed by a CA

Trusted private CA:

If you want to use a trusted private CA to sign the certificate, use the CSR to apply for an SSL certificate with your trusted private CA.

FortiAuthenticator:

  1. On FortiAuthenticator, go to Certificate Management > Certificate Authorities > Local CAs and select Import.
  2. Set Type to CSR to sign, enter a Certificate ID, and specify the example-cert.csr file.

    Select the Certificate authority from the dropdown menu and set Hash algorithm to SHA-256.

    When the certificate is imported, you see that example_cert has been signed by the FortiAuthenticator; Status shows Active and the CA Type shows Intermediate (non-signing) CA.

  3. Select the certificate and select Export Certificate. This saves the example-cert.crt file to your local drive.

Getting the certificate signed by a CA

Trusted private CA:

If you want to use a trusted private CA to sign the certificate, use the CSR to apply for an SSL certificate with your trusted private CA.

FortiAuthenticator:

  1. On FortiAuthenticator, go to Certificate Management > Certificate Authorities > Local CAs and select Import.
  2. Set Type to CSR to sign, enter a Certificate ID, and specify the example-cert.csr file.

    Select the Certificate authority from the dropdown menu and set Hash algorithm to SHA-256.

    When the certificate is imported, you see that example_cert has been signed by the FortiAuthenticator; Status shows Active and the CA Type shows Intermediate (non-signing) CA.

  3. Select the certificate and select Export Certificate. This saves the example-cert.crt file to your local drive.