Downloading And Submitting A Certificate Request - Fortinet FortiGate Series Administration Manual
Hide thumbs
Also See for FortiGate Series:
- Administration manual (60 pages) ,
- Install manual (51 pages) ,
- Quick start manual (14 pages)
Table of Contents
Advertisement
Local Certificates
Downloading and submitting a certificate request
304
Certification Name
Enter a certificate name. Typically, this would be the name of the
FortiGate unit. To enable the export of a signed certificate as a PKCS12
file later on if required, do not include spaces in the name.
Subject Information
Enter the information needed to identify the FortiGate unit:
Host IP
If the FortiGate unit has a static IP address, select Host IP and enter the
public IP address of the FortiGate unit. If the FortiGate unit does not have
a public IP address, use an email address (or domain name if available)
instead.
Domain Name
If the FortiGate unit has a static IP address and subscribes to a dynamic
DNS service, use a domain name if available to identify the FortiGate unit.
If you select Domain Name, enter the fully qualified domain name of the
FortiGate unit. Do not include the protocol specification (http://) or any
port number or path names. If a domain name is not available and the
FortiGate unit subscribes to a dynamic DNS service, an "unable to verify
certificate" message may be displayed in the user's browser whenever
the public IP address of the FortiGate unit changes.
E-Mail
If you select E-mail, enter the email address of the owner of the FortiGate
unit.
Optional Information
Complete as described or leave blank.
Organization Unit
Enter the name of your department or departments. You can enter a
maximum of 5 Organization Units. To add or remove a unit, use the plus
(+) or minus (-) icon.
Organization
Enter the legal name of your company or organization.
Locality (City)
Enter the name of the city or town where the FortiGate unit is installed.
State/Province
Enter the name of the state or province where the FortiGate unit is
installed.
Country
Select the country where the FortiGate unit is installed.
e-mail
Enter the contact email address.
Key Type
Only RSA is supported.
Key Size
Select 1024 Bit, 1536 Bit or 2048 Bit. Larger keys are slower to generate
but they provide better security.
Enrollment Method
Select one of the following methods:
File Based
Select to generate the certificate request.
Online SCEP
Select to obtain a signed SCEP-based certificate automatically over the
network.
CA Server URL: Enter the URL of the SCEP server from which to retrieve
the CA certificate.
Challenge Password: Enter the CA server challenge password.
You have to fill out a certificate request and generate the request before you can submit
the results to a CA. For more information, see
page
303.
To download and submit a certificate request
1 Go to System > Certificates > Local Certificates.
2 In the Local Certificates list, select the Download icon in the row that corresponds to
the generated certificate request.
3 In the File Download dialog box, select Save to Disk.
4 Name the file and save it to the local file system.
"Generating a certificate request" on
FortiGate Version 4.0 MR1 Administration Guide
01-410-89802-20090903
http://docs.fortinet.com/
System Certificates
•
Feedback
Advertisement
Table of Contents
