- On the FortiAuthenticator, go to Certificate Management > Certificate Authorities > Local CAs and select Import.
- Once imported, you should see that the certificate has been signed by the FortiAuthenticator, showing a Status of Active, and with the CA Type of Intermediate (non-signing) CA. Highlight the certificate and select Export Certificate.
Set Type to CSR to sign, enter a Certificate ID, and import the CSR file. Make sure to select the Certificate authority from the dropdown menu, and set the Hash algorithm to SHA-256.
This will save a .crt file to your local drive.