FortiOS image signing and verification
Official FortiOS firmware images are signed by the Fortinet CA. The BIOS checks the validity of an image when it is uploaded to the device. If the image is not signed by the Fortinet CA, a warning message is shown in the GUI.
Unsigned image:
Signed image:
This feature is implemented on all FortiGate F-series models and E-series models released in 2019 and later.