Select Language

Translate

We hope you will find the Google translation service helpful, but we don’t promise that Google’s translation will be accurate or complete. You should not rely on Google’s translation. English is the official language of our site.

Products
SSL/TLS Certificates

Basic

Premium

High Assurance

Enterprise EV

Wildcard SSL/TLS

Multi-domain UCC/SAN

Enterprise EV UCC/SAN

Smart SeaL

Overview

Code Signing Certificates

Code Signing

EV Code Signing

Email, Client, and Document Signing Certificates

Secure Email (S/MIME)

Client Authentication

eSigner Document Signing

NAESB Certificates

NAESB Certificate

Content Delivery Network (CDN)

Pro

Business

Enterprise
Which Code Signing Certificate Do I Need?

What is a CDN ?
Solutions

Hosted PKI

World-Class PKI Hosting Infrastructure

Custom-Branded Issuing CA

Issue Publicly Trusted Certificates in your Company's Name

Internet of Things (IoT)

Custom IoT Solutions

Government

Protect Personal Data While Providing Essential Services

Energy Industry

North American Energy Standards Board (NAESB) Accredited Certificate Authority

SSL Manager

Windows Certificate Management Application

eSigner
Cloud Document and Code Signing Service

Submit a Ticket

Call: 1-877-SSL-SECURE

Live Chat

Knowledgebase
Company

About SSL.com
Find out more about SSL.com,
A Globally-Trusted Certificate Authority in business since 2002

Blog

Informative updates on SSL.com and PKI

Careers

Looking for a flexible environment that encourages creative thinking and rewards hard work?
We're hiring!

Privacy Policy

• How we collect information about customers
• How we use that information
• Information-sharing policy

Terms Of Service

SSL.com's Terms of Service

CA Repository

• Practices Statement
• Document Repository

Submit a Ticket

Call: 1-877-SSL-SECURE

Live Chat

Knowledgebase
Partners

Overview

Earn revenue by partnering with SSL.com

Referral Link Partners

Hassle-Free Referral link program

Reseller & Volume Purchasing Partners

Wholesale and Reseller Solution

Referral Link Program FAQ

Reseller/Volume Purchasing Signup
Support

What is SSL?

SSL in plain English

Play Video

Knowledgebase

• Detailed guides and how-tos
• Frequently Asked Questions (FAQ)
• Articles, videos, and more

Purchase Orders and Quotes

• How to Submit a Purchase Order (PO)
• Request for Quote (RFQ)
• Payment Methods
• PO and RFQ Request Form

Contact Us

• Contact SSL.com sales and support
• Document submittal and validation
• Physical address

Submit a Ticket

Call SSL.com: 1-877-SSL-SECURE

Live Chat

Select Language

Translate

Home » How-Tos » Certificate Type » SSL/TLS » Generate a CSR and Install an SSL/TLS Certificate on Fortinet Fortigate SSL VPN

Generate a CSR and Install an SSL/TLS Certificate on Fortinet Fortigate SSL VPN

SSL Support Team
May 18, 2020
Certificate Installation, CSR Creation, Other, SSL/TLS
Fortigate, Fortinet

Time needed: 30 minutes

This how-to will walk you through generating a certificate signing request (CSR) and installing an SSL/TLS certificate in Fortinet Fortigate SSL VPN.

Make sure that certificates are visible.
By default, the Certificates option is hidden in the Fortigate GUI. To correct this, navigate to System u003e Feature Visibilty, make sure that Certificates is enabled, and click the Apply button.
Open System u003e Certificates.
Navigate to System u003e Certificates in the menu. If Certificates is not visible, see step 1, above.
Click Generate.
Click Generate to open the Generate Certificate Signing Request page.
Configure CSR.
• Enter a unique name for your certificate in the Certificate Name field.
• Next to ID Type, select Domain Name and enter the domain name that the certificate is intended to protect.
• You can enter further information to add to your CSR under Optional Information.
• Set Key Type to RSA or Elliptic Curve depending on the type of key desired.
• Set the Key Size. Note that 2048 bits or higher is preferable for RSA keys.
• Set the Enrollment Method to File Based.
• Click the OK button.
Download CSR.
The CSR will be added to the list of certificates with a status of PENDING. Select the CSR in the list and click Download to save the file.
Order Certificate.
The next step is to use the CSR to order an SSL/TLS certificate from SSL.com. For full information, please read our how-to on Ordering and Retrieving SSL Certificates.
Download certificate.
Open the certificate order in your SSL.com customer account and click the download link for Apache.
Unzip file.
Unzip the downloaded zip file. You should have two .crt files: the end-entity SSL/TLS certificate and intermediate bundle (ca-bundle-client.crt).
Login to Fortigate and open System u003e Certificates.
Login to your Fortigate and navigate to System u003e Certificates in the menu.
Import SSL/TLS certificate.
Click Import u003e CA Certificate, browse to the SSL/TLS certificate, and click OK.
Import intermediate certificates.
Navigate to Import u003e CA Certificate, browse to the intermediate certificate bundle (ca-bundle-client.crt), and click OK.
Configure Fortigate to use your new SSL/TLS certificate.
Navigate to VPN u003e SSL u003e Settings, then select your SSL/TLS certificate from the Connection Settings section of the Server Certificate drop-down menu.
Finished!
You have configured your Fortinet Fortigate SSL VPN to use your new SSL/TLS certificate.

Thank you for choosing SSL.com! If you have any questions, please contact us by email at Support@SSL.com, call 1-877-SSL-SECURE, or just click the chat link at the bottom right of this page. You can also find answers to many common support questions in our knowledgebase.

SSL Support Team

All Posts

What is SSL/TLS?

Subscribe To SSL.com’s Newsletter

Don’t miss new articles and updates from SSL.com

3rd Party Cookies

This website uses Google Analytics & Statcounter to collect anonymous information such as the number of visitors to the site, and the most popular pages.

Keeping these cookies enabled helps us to improve our website.

Name	Provider	Purpose	Expiration
Google Analytics	Google	Collect anonymous information such as the number of visitors to the site, and the most popular pages.	365 days
StatCounter Analytics	StatCounter	Collect anonymous information such as the number of visitors to the site, and the most popular pages.	365 days

SSL/TLS Certificates

Code Signing Certificates

Email, Client, and Document Signing Certificates

NAESB Certificates

Content Delivery Network (CDN)

Generate a CSR and Install an SSL/TLS Certificate on Fortinet Fortigate SSL VPN

SSL Support Team

Related How Tos

Subscribe to SSL.com’s Newsletter

What is SSL/TLS?

Subscribe To SSL.com’s Newsletter

certificates

support

programs

company