Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions

    • CLI Reference

    Home FortiWeb 7.2.2 CLI Reference
    7.2.2
    7.6.1
    7.6.0
    7.4.5
    7.4.4
    7.4.3
    7.4.2
    7.4.1
    7.4.0
    7.2.10
    7.2.9
    7.2.8
    7.2.7
    7.2.6
    7.2.4
    7.2.3
    7.2.2
    7.2.1
    7.2.0
    7.0.9
    7.0.8
    7.0.7
    7.0.6
    7.0.4
    7.0.3
    7.0.2
    7.0.1
    7.0.0
    6.4.3
    6.4.2
    6.4.1
    6.4.0
    6.3.23
    6.3.19
    6.3.18
    6.3.17
    6.3.16
    6.3.15
    6.3.14
    6.3.13
    6.3.11
    6.3.10
    6.3.9
    6.3.7
    6.3.6
    6.3.5
    6.3.4
    6.3.3
    6.3.2
    6.3.1
    6.3.0
    6.2.6
    6.2.5
    6.2.4
    6.2.3
    6.2.2
    6.2.1
    6.2.0
    6.1.2
    6.1.1
    5.7.0
    5.6.1
    5.6.0

    system admin-certificate local

    system admin-certificate local

    The FortiWeb appliance presents its own HTTPS server certificate for secure connections (HTTPS) to its Web UI. By default, A Fortinet factory certificate is used as the certificate, which is named defaultcert in FortiWeb. You can also import other certifications to FortiWeb and replace the defaultcert with any of them for secure Web UI connections.

    Use this command to edit the comment associated with the these FortiWeb's administration certificates that are stored locally on the FortiWeb appliance.

    To replace the certificate that FortiWeb uses for the secure accesses to its Web UI, see .

    For information on how to upload a certificate file to change FortiWeb's default certificate, see the FortiWeb Administration Guide:

    http://docs.fortinet.com/fortiweb/admin-guides

    To use this command, your administrator account’s access control profile must have either w or rw permission to the admingrp area. For details, see Permissions.

    Syntax

    config system admin-certificate local

    edit "<certificate_name>"

    set comment "<comment_str>"

    set certificate "<certificate_str>"

    set passwd "<passwd_str>"

    set private-key "<private-key_str>"

    set flag 0

    set status ok

    set type certificate

    next

    end

    Variable Description Default

    "<certificate_name>"

    		 Enter the name of a certificate file. The maximum length is 63 characters. No default.

    comment "<comment_str>"

    		 Enter a description or other comment. If the comment contains more than one word or contains an apostrophe, surround the comment in double quotes ( " ). The maximum length is 127 characters. No default.

    certificate "<certificate_str>"

    		 Enter the sequence number of the certificate file. No default.

    passwd "<passwd_str>"

    		 When exporting the private key file from certificate factories, you can choose to enter a password to encrypt the file. Thus when you import the file into FortiWeb, you shall enter this password. This is optional. No default.

    private-key "<private-key_str>"

    		 Enter the sequence number of the key file. No default.

    flag 0

    		 Indicate if a password was saved. This is used by FortiWeb for backwards compatibility. 0

    status ok

    Indicates the status of an imported certificate:

    • na—Indicates that the certificate was successfully imported, and is currently selected for use by the FortiWeb appliance.
    • ok—Indicates that the certificate was successfully imported but is not selected as the certificate currently in use. To use the certificate, see .
    • pending—Indicates that the certificate request was generated, but must be downloaded, signed, and imported before it can be used as a local certificate.
    		 ok

    type certificate

    		 Indicates whether the file is a certificate or a certificate signing request (CSR). certificate

    Example

    This example adds a comment to the certificate named certificate1.

    config system admin-certificate local

    edit "certificate1"

    set comment "This is a certificate that FortiWeb uses for secure Web UI connections."

    next

    end

    Previous
    Next

    system admin-certificate local

    system admin-certificate local

    The FortiWeb appliance presents its own HTTPS server certificate for secure connections (HTTPS) to its Web UI. By default, A Fortinet factory certificate is used as the certificate, which is named defaultcert in FortiWeb. You can also import other certifications to FortiWeb and replace the defaultcert with any of them for secure Web UI connections.

    Use this command to edit the comment associated with the these FortiWeb's administration certificates that are stored locally on the FortiWeb appliance.

    To replace the certificate that FortiWeb uses for the secure accesses to its Web UI, see .

    For information on how to upload a certificate file to change FortiWeb's default certificate, see the FortiWeb Administration Guide:

    http://docs.fortinet.com/fortiweb/admin-guides

    To use this command, your administrator account’s access control profile must have either w or rw permission to the admingrp area. For details, see Permissions.

    Syntax

    config system admin-certificate local

    edit "<certificate_name>"

    set comment "<comment_str>"

    set certificate "<certificate_str>"

    set passwd "<passwd_str>"

    set private-key "<private-key_str>"

    set flag 0

    set status ok

    set type certificate

    next

    end

    Variable Description Default

    "<certificate_name>"

    		 Enter the name of a certificate file. The maximum length is 63 characters. No default.

    comment "<comment_str>"

    		 Enter a description or other comment. If the comment contains more than one word or contains an apostrophe, surround the comment in double quotes ( " ). The maximum length is 127 characters. No default.

    certificate "<certificate_str>"

    		 Enter the sequence number of the certificate file. No default.

    passwd "<passwd_str>"

    		 When exporting the private key file from certificate factories, you can choose to enter a password to encrypt the file. Thus when you import the file into FortiWeb, you shall enter this password. This is optional. No default.

    private-key "<private-key_str>"

    		 Enter the sequence number of the key file. No default.

    flag 0

    		 Indicate if a password was saved. This is used by FortiWeb for backwards compatibility. 0

    status ok

    Indicates the status of an imported certificate:

    • na—Indicates that the certificate was successfully imported, and is currently selected for use by the FortiWeb appliance.
    • ok—Indicates that the certificate was successfully imported but is not selected as the certificate currently in use. To use the certificate, see .
    • pending—Indicates that the certificate request was generated, but must be downloaded, signed, and imported before it can be used as a local certificate.
    		 ok

    type certificate

    		 Indicates whether the file is a certificate or a certificate signing request (CSR). certificate

    Example

    This example adds a comment to the certificate named certificate1.

    config system admin-certificate local

    edit "certificate1"

    set comment "This is a certificate that FortiWeb uses for secure Web UI connections."

    next

    end

    Previous
    Next