If you want to use a trusted private CA to sign the certificate, use the CSR to apply for an SSL certificate with your trusted private CA.
- If you want to use a FortiAuthenticator as a CA to sign the certificate, on the FortiAuthenticator, go to Certificate Management > Certificate Authorities > Local CAs and select Import.
- Set Type to CSR to sign, enter a Certificate ID, and import the example-cert.csr file. Make sure to select the Certificate authority from the drop-down menu and set the Hash algorithm to SHA-256.
- Once imported, you should see that example_cert has been signed by the FortiAuthenticator, showing a Status of Active, and with the CA Type of Intermediate (non-signing) CA. Highlight the certificate and select Export.
This will save the example_cert.crt file to your local drive.