Certificates
FortiOS leverages certificates in multiple areas, such as VPNs, administrative access, and deep packet inspection. This section contains topics about uploading certificates and provides examples of how certificates may be used to encrypt and decrypt communications, and represent the identity of the FortiGate. This sections assumes the reader has a high level understanding of the public key infrastructure (PKI) system, particularly how entities leverage trusted certificate authorities (CAs) to verify the authenticating party, and how public and private certificate keys work to secure communications.
The certificates feature is hidden by default in FortiOS. In the GUI, go to System > Feature Visibility and enable Certificates.
For additional capabilities and enhanced certificate management, please review the FortiAuthenticator Administration Guide and Cookbook.
The following topics provide an overview of how to add certificates to the FortiGate:
The following topics provide examples of how to use certificates:
- Configuring certificates for SAML SSO
- Configuring FortiClient EMS
- Creating certificates with XCA
- ECDSA in SSH administrative access
- Generate a new certificate
- Microsoft CA deep packet inspection
- Procuring and importing a signed SSL certificate
- Protecting an SSL server
- Site-to-site VPN with digital certificate
- SSL VPN with certificate authentication
- SSL VPN with LDAP-integrated certificate authentication