Managing digital certificates | IPSec VPN |
|
|
4Request the signed local certificate. Follow the CA web server instructions to:
•add a base64 encoded PKCS#10 certificate request to the CA web server,
•paste the certificate request to the CA web server,
•submit the certificate request to the CA web server.
The certificate request is submitted to the CA for it to sign.
Figure 24: Opening a certificate request in a text editor
Retrieving the signed local certificate
With this procedure, you connect to the CA web server and download the signed local certificate to the management computer. (Do this after receiving notification from the CA that it has signed the certificate request.)
To retrieve the signed local certificate:
1Connect the CA web server.
2Follow the CA web server instructions to download the signed local certificate. The File Download dialog will display.
3Select Save.
4Save the file in a directory on the management computer.
Importing the signed local certificate
With this procedure, you import the signed local certificate from the management computer to the FortiGate unit.
To import the signed local certificate:
1Go to VPN > Local Certificates.
2Select Import.
222 | Fortinet Inc. |