Fortinet 292 FortiWeb 5.0 Patch 6 Administration Guide
3. Do one of the following to locate a certificate:
•Select SCEP and enter the URL of the applicable Simple Certificate Enrollment Protocol
server. (SCEP allows routers and other intermediate network devices to obtain
certificates.)
To specify a specific certificate authority, enter an identifier in the field below the URL.
•Select Local PC, then browse to locate a certificate file.
4. Click OK.
5. Go to System > Certificates > Intermediate CA Group.
To access this part of the web UI, your administrator's account access profile must have
Read and Write permission to items in the Admin Users category. For details, see
“Permissions” on page 47.
6. Click Create New.
A dialog appears.
7. In Name, type a name that can be referenced by other parts of the configuration. Do not use
spaces or special characters. The maximum length is 35 characters.
8. Click OK.
9. Click Create New.
A dialog appears.
10.In ID, type the index number of the host entry within the group, or keep the field’s default
value of auto to let the FortiWeb appliance automatically assign the next available index
number.
11.In CA, select the name of an intermediary CA’s certificate that you previously uploaded and
want to add to the group.
12.Click OK.
13.Repeat the previous steps for each intermediary CA certificate that you want to add to the
group.
14.To apply an intermediary CA certificate group, select it in Certificate Intermediate Group in a
policy that uses HTTPS, with the server certificate that was signed by those CAs (see
“Configuring a server policy” on page 483).
The FortiWeb appliance will present both the server’s certificate and those of the
intermediate CAs when establishing a secure connection with the client.
Clear
Edit
Delete