User
PKI authentication
FortiGate Version 3.0 MR4 Administration Guide
01-30004-0203-20070102
Figure 209:LDAP server Distinguished Name Query tree
Public Key Infrastructure (PKI) authentication utilizes a certificate authentication
library that takes a list of 'peers', 'peer' groups, and/or user groups and returns
authentication 'successful' or 'denied' notifications. Users only need a valid
certificate for successful authentication - no username or password are
necessary.
For more information about certificate authentication, see the
For information about the detailed PKI configuration
Management User Guide.
settings only available through the CLI, see the
Go to User > PKI to configure PKI users.
Figure 210:User > PKI user list
Create New
Add a new PKI user.
User Name
The name of the PKI user.
Subject
The text string that appears in the subject field of the certificate of
the authenticating user.
Issuer
The CA certificate that is used to authenticate this user.
Delete icon
Delete this PKI user.
Edit icon
Edit this PKI user.
Note: The following fields in the PKI User List correspond to the noted fields in the PKI
User dialog:
User Name: Name
Subject: Subject
CA: Issuer (CA certificate)
FortiGate Certificate
FortiGate CLI Reference.
PKI authentication
325