FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
vkulik
Staff
Staff
Article Id 195208

Description
After firmware upgrade, the Fortigate 400A displays error message "Bad certificates in BIOS!"

FG400A (16:20-04.26.2005)
Ver:04000000
Serial number:FG400A2905500836
RAM activation
CPU(00:00000f29 bfebfbff): Do MP initialization
CPU(01:00000f29 bfebfbff): Do MP initialization
Total RAM: 512MB
Enabling cache...Done.
Scanning PCI bus...Done.
Allocating PCI resources...Done.
Enabling PCI resources...Done.
Zeroing IRQ settings...Done.
Verifying PIRQ tables...Done.
Boot up, boot device capacity: 61MB.
Press any key to display configuration menu...
......

Reading boot image 1453382 bytes.
Initializing firewall...
System is started.
Bad certificates in BIOS!


This error occurs even after factory reset and flash memory format and firmware reload.

This issue only occurs on FortiGate units with BIOS version: 04000000

Solution
The error message indicates that the unit does not contain a valid BIOS certificate. This certificate can be used for VPN implementations with certificate authentication. In most cases this certificate is not being used.

The error appeared because the structure changes in the firmware caused the FortiGate unit to read default certificate from the BIOS instead of the flash memory.

This error will not cause any issues and can be ignored if you do not intend to implement VPN with Certificate.

To completely resolve it upgrade to firmware version 4.0.4 (b113) or v4 MR1P2 (b192) or later.


Contributors