Importing signed certificates – Fortinet 100A User Manual
Page 264
264
01-28007-0068-20041203
Fortinet Inc.
Importing signed certificates
VPN
Importing signed certificates
Your CA will provide you with a signed certificate to install on the FortiGate unit. When
you receive the signed certificate from the CA, save the certificate on a PC that has
management access to the FortiGate unit.
To install a signed personal or site certificate
1
Go to VPN > Certificates > Local Certificates.
2
Select Import.
Figure 138:Importing a signed certificate
3
Browse to the location on the management PC where the certificate has been saved,
select the certificate, and then select OK.
4
Select OK.
Certification Name
Type a certificate name. Typically, this would be the name of the
FortiGate unit.
Subject Information
Enter the information needed to identify the FortiGate unit. Preferably
use an IP address or domain name. If this is impossible (such as with
a dialup client), use an email address.
•
For Host IP, enter the public IP address of the FortiGate unit being
certified.
•
For Domain name, enter the fully qualified domain name of the
FortiGate unit being certified. Do not include the protocol
specification (http://) or any port number or path names.
•
For E-mail, enter the email address of the owner of the FortiGate
unit being certified. Typically, email addresses are entered only
for clients, not gateways.
Organization Unit
Name of your department.
Organization
Legal name of your company or organization.
Locality (City)
Name of the city or town where the FortiGate unit is installed.
State/Province
Name of the state or province where the FortiGate unit is installed.
Country
Select the country where the FortiGate unit is installed.
Contact email address. The CA may choose to deliver the digital
certificate to this address.
Key Type
Only RSA is supported.
Key Size
Select 1024 Bit, 1536 Bit or 2048 Bit. Larger keys are slower to
generate but more secure. Not all IPSec VPN products support all
three key sizes.