FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
vpereira
Staff
Staff
Article Id 191036
Description

This article describes how to use custom certificate for error / block page when using explicit proxy.


Solution
CLI configuration.
# config web-proxy global
    set ssl-cert "Fortinet_Factory"
    set ssl-ca-cert "Fortinet_CA_SSL" <----- Replace this certificate with certificate.
    set fast-policy-match enable
end
Note:

The certificate used for block page, has the CA flag set to ‘True’ as the FortiGate tries to intercept the traffic with a replacement message.
If the CSR is not generated on the FortiGate, certificate is imported along with the private key to FortiGate.


Contributors