FortiAuthenticator as a Certificate Authority
For this recipe, you will configure the FortiAuthenticator as a Certificate Authority (CA). This will allow the FortiAuthenticator to sign certificates that the FortiGate will use to secure administrator GUI access.
This scenario includes creating a certificate request on the FortiGate, downloading the certificate to the network’s computers, and then importing it to the FortiAuthenticator. You will sign the certificate with the FortiAuthenticator’s own certificate, then download and import the signed certificate back to the FortiGate.
The process of downloading the certificate to the network’s computers will depend on which web browser you use. Internet Explorer and Chrome use one certificate store, while Firefox uses another. This configuration includes both methods.