Fortinet 291 FortiWeb 5.0 Patch 6 Administration Guide
5. To use a certificate, you must select it in a policy or server farm (see “Configuring a server
policy” on page 483 or “Grouping your web servers into server farms” on page 256).
See also
•Supplementing a server certificate with its signing chain
•Revoking certificates by OCSP query
•Configuring a server policy
•Grouping your web servers into server farms
•How to offload or inspect HTTPS
Supplementing a server certificate with its signing chainIf a server certificate is signed by an intermediate (non-root) certificate authority rather than a
root CA, before the client will trust the server’s certificate, you must demonstrate a link with
trusted root CAs, thereby proving that the server’s certificate is genuine. Otherwise, the server
certificate may cause the end-user’s web browser to display certificate warnings.
If you did not append the signing chain inside the server certificate itself, you must configure the
FortiWeb appliance to provide the certificates of intermediate CAs when it presents the server
certificate.
To upload an intermediate CA’s certificate
1. Go to System > Certificates > Intermediate CA.
You can click View Certificate Detail to view the selected certificate’s subject, range of dates
within which the certificate is valid, version number, serial number, and extensions
(purposes).
To access this part of the web UI, your administrator's account access profile must have
Read and Write permission to items in the Admin Users category. For details, see
“Permissions” on page 47.
2. To upload a certificate, click Import.
A dialog appears.
The total file size of all certificates, private keys, and any other uploaded files may not exceed
12 MB.