Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions

    • Administration Guide

    Home FortiSandbox 3.2.1 Administration Guide
    3.2.1
    5.0.0
    4.4.6
    4.4.5
    4.4.4
    4.4.3
    4.4.2
    4.4.1
    4.4.0
    4.2.7
    4.2.6
    4.2.5
    4.2.4
    4.2.3
    4.2.2
    4.2.1
    4.2.0
    4.0.5
    4.0.4
    4.0.3
    4.0.2
    4.0.1
    4.0.0
    3.2.4
    3.2.3
    3.2.2
    3.2.1
    3.2.0
    3.1.5
    3.1.4
    3.1.3
    3.1.2
    3.1.1
    3.1.0
    3.0.7
    3.0.6

    Certificates

    Certificates

    In this page you can import, view, download and delete certificates. Certificates are used for secure connection to an LDAP server, system HTTPS and SSH services. The FortiSandbox has one default certificate firmware which means the certificate is installed on the unit by Fortinet.

    FSA does not support generating certificates, but importing certificates for SSH and HTTPS access to FSA..crt, PKCS12, and .pem formats are supported.

    The following options are available:

    Import

    Import a certificate.

    Service

    Select to configure specific certificates for the HTTP and SSH servers.

    View

    Select a certificate in the list and select View in the toolbar to view the CA certificate details.

    Delete

    Select a certificate in the list and select Delete in the toolbar to delete the certificate.

    The following information is displayed:

    Name

    The name of the certificate.

    Subject

    The subject of the certificate.

    Status

    The certificate status, active or expired.

    Service

    HTTPS or SSH service that is using this certificate.

    Certificate

    Download the server certificate.

    Sub Certificate

    Download the intermediate CA (Certificate Authority) certificate if you are using a certificate chain.

    Cacert

    Download the CA (Certificate Authority) certificate.
    To import a certificate:
    1. Go to System > Certificates.
    2. Click Import from the toolbar.
    3. Enter the certificate name in the text field.
    4. Click Choose File and locate the certificate and key files on your management computer.
    5. Optionally, you can import the intermediate CA certificate by clicking the Choose File button for Sub Certificate, and locating the intermediate CA certificate file.
    6. Click OK to import the certificate.

    You also have the option to import a Password Protected PKCS12 Certificate. To import a PKCS12 Certificate, check the PKCS12 Format box upon importing a new certificate and writing down the possible password. When checking the PKCS12 Format box, the other Certificate file selection boxes disappear and are replaced by the PKCS12 File selection option because only this type is valid.
    To view a certificate:
    1. Go to System > Certificates.
    2. Select the certificate from the list and click View from the toolbar.
    3. The following information is available:

      Certificate Name

      The name of the certificate.

      Status

      The certificate status.

      Serial number

      The certificate serial number.

      Issuer

      The issuer of the certificate.

      Subject

      The subject of the certificate.

      Effective date

      The date and time that the certificate became effective.

      Expiration date

      The date and time that the certificate expires.
    4. Click OK to return to the Certificates page.
    To download a CA certificate:
    1. Go to System > Certificates.

    2. Click the download icon in one of the columns: Certificate, Sub Certificate, or Cacert.

    To delete a CA certificate:
    1. Go to System > Certificates.
    2. Select the certificate from the list and click Delete from the toolbar.
    3. Click Yes, I’m sure in the Are You Sure confirmation page.

    Firmware certificate(s) cannot be deleted.
    Previous
    Next

    Certificates

    Certificates

    In this page you can import, view, download and delete certificates. Certificates are used for secure connection to an LDAP server, system HTTPS and SSH services. The FortiSandbox has one default certificate firmware which means the certificate is installed on the unit by Fortinet.

    FSA does not support generating certificates, but importing certificates for SSH and HTTPS access to FSA..crt, PKCS12, and .pem formats are supported.

    The following options are available:

    Import

    Import a certificate.

    Service

    Select to configure specific certificates for the HTTP and SSH servers.

    View

    Select a certificate in the list and select View in the toolbar to view the CA certificate details.

    Delete

    Select a certificate in the list and select Delete in the toolbar to delete the certificate.

    The following information is displayed:

    Name

    The name of the certificate.

    Subject

    The subject of the certificate.

    Status

    The certificate status, active or expired.

    Service

    HTTPS or SSH service that is using this certificate.

    Certificate

    Download the server certificate.

    Sub Certificate

    Download the intermediate CA (Certificate Authority) certificate if you are using a certificate chain.

    Cacert

    Download the CA (Certificate Authority) certificate.
    To import a certificate:
    1. Go to System > Certificates.
    2. Click Import from the toolbar.
    3. Enter the certificate name in the text field.
    4. Click Choose File and locate the certificate and key files on your management computer.
    5. Optionally, you can import the intermediate CA certificate by clicking the Choose File button for Sub Certificate, and locating the intermediate CA certificate file.
    6. Click OK to import the certificate.

    You also have the option to import a Password Protected PKCS12 Certificate. To import a PKCS12 Certificate, check the PKCS12 Format box upon importing a new certificate and writing down the possible password. When checking the PKCS12 Format box, the other Certificate file selection boxes disappear and are replaced by the PKCS12 File selection option because only this type is valid.
    To view a certificate:
    1. Go to System > Certificates.
    2. Select the certificate from the list and click View from the toolbar.
    3. The following information is available:

      Certificate Name

      The name of the certificate.

      Status

      The certificate status.

      Serial number

      The certificate serial number.

      Issuer

      The issuer of the certificate.

      Subject

      The subject of the certificate.

      Effective date

      The date and time that the certificate became effective.

      Expiration date

      The date and time that the certificate expires.
    4. Click OK to return to the Certificates page.
    To download a CA certificate:
    1. Go to System > Certificates.

    2. Click the download icon in one of the columns: Certificate, Sub Certificate, or Cacert.

    To delete a CA certificate:
    1. Go to System > Certificates.
    2. Select the certificate from the list and click Delete from the toolbar.
    3. Click Yes, I’m sure in the Are You Sure confirmation page.

    Firmware certificate(s) cannot be deleted.
    Previous
    Next