Filter
Top Products
264 01-28007-0068-20041203 Fortinet Inc.
Importing signed certificates VPN
Importing signed certificates
Your CA will provide you with a signed certificate to install on the FortiGate unit. When
you receive the signed certificate from the CA, save the certificate on a PC that has
management access to the FortiGate unit.
To install a signed personal or site certificate
1 Go to VPN > Certificates > Local Certificates.
2 Select Import.
Figure 138:Importing a signed certificate
3 Browse to the location on the management PC where the certificate has been saved,
select the certificate, and then select OK.
4 Select OK.
Certification Name Type a certificate name. Typically, this would be the name of the
FortiGate unit.
Subject Information Enter the information needed to identify the FortiGate unit. Preferably
use an IP address or domain name. If this is impossible (such as with
a dialup client), use an email address.
• For Host IP, enter the public IP address of the FortiGate unit being
certified.
• For Domain name, enter the fully qualified domain name of the
FortiGate unit being certified. Do not include the protocol
specification (http://) or any port number or path names.
• For E-mail, enter the email address of the owner of the FortiGate
unit being certified. Typically, email addresses are entered only
for clients, not gateways.
Organization Unit Name of your department.
Organization Legal name of your company or organization.
Locality (City) Name of the city or town where the FortiGate unit is installed.
State/Province Name of the state or province where the FortiGate unit is installed.
Country Select the country where the FortiGate unit is installed.
e-mail Contact email address. The CA may choose to deliver the digital
certificate to this address.
Key Type Only RSA is supported.
Key Size Select 1024 Bit, 1536 Bit or 2048 Bit. Larger keys are slower to
generate but more secure. Not all IPSec VPN products support all
three key sizes.