# config vpn certificate ca
(ca) # get <----- List all CA certificates already loaded.
== [ Fortinet_CA ]
name: Fortinet_CA
== [ Fortinet_Wifi_CA ]
name: Fortinet_Wifi_CA
== [ Fortinet_Wifi_CA2 ]
name: Fortinet_Wifi_CA2
== [ GlobalSign_Root_CA ]
name: GlobalSign_Root_CA
== [ GlobalSign_Root_CA_-_R2 ]
name: GlobalSign_Root_CA_-_R2
== [ Entrust.net_Premium_2048_Secure_Server_CA ]
name: Entrust.net_Premium_2048_Secure_Server_CA
/////
== [ certSIGN_Root_CA_G2 ]
name: certSIGN_Root_CA_G2
== [ Trustwave_Global_Certification_Authority ]
name: Trustwave_Global_Certification_Authority
== [ Trustwave_Global_ECC_P256_Certification_Authority ]
name: Trustwave_Global_ECC_P256_Certification_Authority
== [ Trustwave_Global_ECC_P384_Certification_Authority ]
name: Trustwave_Global_ECC_P384_Certification_Authority
(ca) # get | grep Daddy <----- List CA certificates issued by GoDaddy Inc..
== [ Go_Daddy_Class_2_CA ]
name: Go_Daddy_Class_2_CA
== [ Go_Daddy_Root_Certificate_Authority_-_G2 ]
name: Go_Daddy_Root_Certificate_Authority_-_G2
(ca) # edit Go_Daddy_Class_2_CA
(Go_Daddy_Class_2_CA) # get
name : Go_Daddy_Class_2_CA
ca :
Subject: C = US, O = "The Go Daddy Group, Inc.", OU = Go Daddy Class 2 Certification Authority
Issuer: C = US, O = "The Go Daddy Group, Inc.", OU = Go Daddy Class 2 Certification Authority
Valid from: 2004-06-29 17:06:20 GMT
Valid to: 2034-06-29 17:06:20 GMT
Fingerprint: 91:DE:06:25:AB:DA:FD:32:17:0C:BB:25:17:2A:84:67
Root CA: Yes
Version: 3
Serial Num:
00
Extensions:
Name: X509v3 Subject Key Identifier
Critical: no
Content:
D2:C4:B0:D2:91:D4:4C:11:71:B3:61:CB:3D:A1:FE:DD:A8:6A:D4:E3
Name: X509v3 Authority Key Identifier
Critical: no
Content:
keyid:D2:C4:B0:D2:91:D4:4C:11:71:B3:61:CB:3D:A1:FE:DD:A8:6A:D4:E3
DirName:/C=US/O=The Go Daddy Group, Inc./OU=Go Daddy Class 2 Certification Authority serial:00
Name: X509v3 Basic Constraints
Critical: no
Content:
CA:TRUE
range : global
source : bundle
trusted : enable
scep-url :
source-ip : 0.0.0.0
(ca) # edit Go_Daddy_Root_Certificate_Authority_-_G2Detailed information collected above confirms the Certificate Authority certificate that is being imported is effectively already loaded into the FortiGate and consequently duplicated.
(Go_Daddy_Root_Ce~_G2) # get
name : Go_Daddy_Root_Certificate_Authority_-_G2
ca :
Subject: C = US, ST = Arizona, L = Scottsdale, O = "GoDaddy.com, Inc.", CN = Go Daddy Root Certificate Authority - G2
Issuer: C = US, ST = Arizona, L = Scottsdale, O = "GoDaddy.com, Inc.", CN = Go Daddy Root Certificate Authority - G2
Valid from: 2009-09-01 00:00:00 GMT
Valid to: 2037-12-31 23:59:59 GMT
Fingerprint: 80:3A:BC:22:C1:E6:FB:8D:9B:3B:27:4A:32:1B:9A:01
Root CA: Yes
Version: 3
Serial Num:
00
Extensions:
Name: X509v3 Basic Constraints
Critical: yes
Content:
CA:TRUE
Name: X509v3 Key Usage
Critical: yes
Content:
Certificate Sign, CRL Sign
Name: X509v3 Subject Key Identifier
Critical: no
Content:
3A:9A:85:07:10:67:28:B6:EF:F6:BD:05:41:6E:20:C1:94:DA:0F:DE
range : global
source : bundle
trusted : enable
scep-url :
source-ip : 0.0.0.0
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.