194 Fortinet Inc.
Obtaining a signed local certificate IPSec VPN
4 Request the signed local certificate.
Follow the CA web server instructions to:
• add a base64 encoded PKCS#10 certificate request to the CA web server,
• paste the certificate request to the CA web server,
• submit the certificate request to the CA web server.
The certificate request is submitted to the CA for it to sign.
Figure 24: Opening a certificate request in a text editor
Retrieving the signed local certificate
With this procedure, you connect to the CA web server and download the signed local
certificate to the management computer. (Do this after receiving notification from the
CA that it has signed the certificate request.)
To retrieve the signed local certificate:
1 Connect the CA web server.
2 Follow the CA web server instructions to download the signed local certificate.
The File Download dialog will display.
3 Select Save.
4 Save the file in a directory on the management computer.
Importing the signed local certificate
With this procedure, you import the signed local certificate from the management
computer to the FortiGate unit.
To import the signed local certificate:
1 Go to VPN > Local Certificates.
2 Select Import.