Knowledge Base

Solution

Importing your Primary SSL Certificate in the FortiGate Web Portal

1. In the administrative web portal select “System” and then “Certificates.” If “Certificates” is not displayed, you may have to enable the option within “Feature Visibility.”
2. Click “Import” and choose the type “Local Certificate.”
3. Click “Upload” next to “Certificate file” and browse for the primary certificate file in “.crt” format that was downloaded from your DigiCert order.
4. Click “OK” to upload the certificate file.
5. In the certificate list, the corresponding CSR will change from the status of “PENDING” to “OK.” This indicates that the certificate import was successful and is ready to be assigned to services within the appliance.

Importing your Intermediate SSL Certificate in the FortiGate Web Portal

1. In the administrative web portal select “System” and then “Certificates.” If “Certificates” is not displayed, you may have to enable the option within “Feature Visibility.”
2. Click “Import” and then “CA Certificate.”
3. Click “Upload” next to “Certificate file” and browse for the intermediate certificate file in “.crt” format that was downloaded from your DigiCert order (default file name is “DigiCertCA.crt”).
4. Click “OK” to upload the certificate file.
5. The intermediate/CA certificate will now be listed in the “CA Certificates” section of the certificates list. This indicates that the certificate import was successful and is ready to be assigned to services within the appliance.

Using your Intermediate SSL Certificate for VPN in the FortiGate Web Portal

1. In the administrative web portal select “VPN”, then “SSL”, and then “Settings.”
2. In the “Connections Settings” find the “Server Certificate” drop-down menu and select the SSL certificate that was just installed.
3. Click “Apply.” Now the VPN service is configured to use the SSL certificate for authentication.