Fortinet black logo

Handbook

Creating a CA group

Creating a CA group

CA groups are only used to verify the signature of the OCSP Responder.

Include in the CA group all of the CAs for the pool of backend servers to be associated with a single virtual server.

Before you begin, you must:

  • Have Read-Write permission for System settings.
  • Have already added the CAs to the CA certificate store.
To create a CA group:
  1. Go to System > Certificate > Verify.
  2. Click the CA Group tab.
  3. Click Create New to display the configuration editor.
  4. Name the CA group and click Save when done. The new CA group appears on the CA Group page.
  5. Click the Edit icon in the far-right column (or double-click the CA group) to bring up the configuration editor.
  6. Click Create New.
  7. Complete the configuration as described in CA group configuration.
  8. Click Save when done.
  9. Repeat Steps 6 through 8 to add as many CAs to the group as needed.

CA group configuration

Settings Guidelines
Group Name Specify a unique name for the CA group that you are creating. Valid characters are A-Z, a-z, 0-9, _, and -. The maximum length is 35 characters. No space is allowed.
Group Member
CA Click the down arrow and select the desired CA from the list menu to add to the group.

Creating a CA group

CA groups are only used to verify the signature of the OCSP Responder.

Include in the CA group all of the CAs for the pool of backend servers to be associated with a single virtual server.

Before you begin, you must:

  • Have Read-Write permission for System settings.
  • Have already added the CAs to the CA certificate store.
To create a CA group:
  1. Go to System > Certificate > Verify.
  2. Click the CA Group tab.
  3. Click Create New to display the configuration editor.
  4. Name the CA group and click Save when done. The new CA group appears on the CA Group page.
  5. Click the Edit icon in the far-right column (or double-click the CA group) to bring up the configuration editor.
  6. Click Create New.
  7. Complete the configuration as described in CA group configuration.
  8. Click Save when done.
  9. Repeat Steps 6 through 8 to add as many CAs to the group as needed.

CA group configuration

Settings Guidelines
Group Name Specify a unique name for the CA group that you are creating. Valid characters are A-Z, a-z, 0-9, _, and -. The maximum length is 35 characters. No space is allowed.
Group Member
CA Click the down arrow and select the desired CA from the list menu to add to the group.