Fortinet black logo

New Features

Home FortiGate / FortiOS 7.0.0 New Features

Allow FortiClient EMS connectors to trust EMS server certificate renewals based on the CN field 7.0.11

7.0.0
7.4.0
7.2.0
7.0.0
6.4.0
6.2.0
Copy Link
Copy Doc ID 4f6cd3c1-22cb-11eb-96b9-00505692583a:78058
Download PDF

Allow FortiClient EMS connectors to trust EMS server certificate renewals based on the CN field 7.0.11

When a FortiGate establishes a Fabric connection with FortiClient EMS, the FortiGate must trust the CA that signed the server certificate. Previously, upon the user's approval of the certificate, the certificate fingerprint was saved on the FortiGate. This required the FortiGate to re-authorize the EMS connection each time the server certificate is updated. With this enhancement, upon the approval of the EMS certificate, the FortiGate saves the CN field and will trust future certificates that are signed by the same CA and have the same CN field. This allows EMS servers to update their certificates at regular intervals without requiring re-authorization on the FortiGate side, as long as the CN field matches. This prevents interruptions to the EMS Fabric connection when a certificate is updated.

For more information about this feature, see Allow FortiClient EMS connectors to trust EMS server certificate renewals based on the CN field.

Previous
Next

Allow FortiClient EMS connectors to trust EMS server certificate renewals based on the CN field 7.0.11

When a FortiGate establishes a Fabric connection with FortiClient EMS, the FortiGate must trust the CA that signed the server certificate. Previously, upon the user's approval of the certificate, the certificate fingerprint was saved on the FortiGate. This required the FortiGate to re-authorize the EMS connection each time the server certificate is updated. With this enhancement, upon the approval of the EMS certificate, the FortiGate saves the CN field and will trust future certificates that are signed by the same CA and have the same CN field. This allows EMS servers to update their certificates at regular intervals without requiring re-authorization on the FortiGate side, as long as the CN field matches. This prevents interruptions to the EMS Fabric connection when a certificate is updated.

For more information about this feature, see Allow FortiClient EMS connectors to trust EMS server certificate renewals based on the CN field.

Previous
Next