Fortinet white logo
Fortinet white logo

Administration Guide

Remote certificate

Remote certificate

Remote certificates are public certificates and contain only the public key. They are used to identify a remote device. For example, when configuring your FortiGate for SAML authentication with the FortiGate as an identity provider (IdP), you can optionally specify the service provider (SP) certificate. However, when configuring your FortiGate as a SP, you must specify the certificate used by the IdP. Both these certificates can be uploaded to the FortiGate as a remote certificate, since the private key is not necessary for its implementation.

To upload a remote certificate in the GUI:
  1. Go to System > Certificates and select Create/Import > Remote Certificate.

  2. Upload the remote certificate file directly from the management computer.

  3. Click OK.

To upload a remote certificate in the CLI:
# execute vpn certificate remote import tftp <file_name> <server_address> 

Remote certificate

Remote certificate

Remote certificates are public certificates and contain only the public key. They are used to identify a remote device. For example, when configuring your FortiGate for SAML authentication with the FortiGate as an identity provider (IdP), you can optionally specify the service provider (SP) certificate. However, when configuring your FortiGate as a SP, you must specify the certificate used by the IdP. Both these certificates can be uploaded to the FortiGate as a remote certificate, since the private key is not necessary for its implementation.

To upload a remote certificate in the GUI:
  1. Go to System > Certificates and select Create/Import > Remote Certificate.

  2. Upload the remote certificate file directly from the management computer.

  3. Click OK.

To upload a remote certificate in the CLI:
# execute vpn certificate remote import tftp <file_name> <server_address>