Fortinet black logo

Administration Guide

Trusted CAs

Trusted CAs

Trusted CA certificates can be used to validate certificates signed by an external CA.

To view the trusted CA certificate list, go to Certificate Management > Certificate Authorities > Trusted CAs.

The certificate ID, subject, issuer, and status are shown. Certificates can be imported, exported, deleted, and searched.

To import a trusted CA certificate:
  1. From the trusted CA certificate list, select Import.
  2. Enter a certificate ID in the Certificate ID field.
  3. Select Choose File to locate the certificate file on your computer, and select OK to import the list.
  4. When successful, the trusted CA certificate is displayed in the list on the FortiAuthenticator device. You can select it to see the details (see To view certificate details:).

To extract a trusted CA certificate with chain from a server:
  1. From the trusted CA certificate list, select Learn Certificate.
  2. Enter host name/ IP address in the Host name/IP field, the port number in the Port field, and click Learn.

  3. Under Import, enable the toggle to select the CA certificates to import, enter their certificate IDs, and click Import.

    When successful, the trusted CA certificates are displayed on the FortiAuthenticator device. You can select it to see the details (see To view certificate details:).

Trusted CAs

Trusted CA certificates can be used to validate certificates signed by an external CA.

To view the trusted CA certificate list, go to Certificate Management > Certificate Authorities > Trusted CAs.

The certificate ID, subject, issuer, and status are shown. Certificates can be imported, exported, deleted, and searched.

To import a trusted CA certificate:
  1. From the trusted CA certificate list, select Import.
  2. Enter a certificate ID in the Certificate ID field.
  3. Select Choose File to locate the certificate file on your computer, and select OK to import the list.
  4. When successful, the trusted CA certificate is displayed in the list on the FortiAuthenticator device. You can select it to see the details (see To view certificate details:).

To extract a trusted CA certificate with chain from a server:
  1. From the trusted CA certificate list, select Learn Certificate.
  2. Enter host name/ IP address in the Host name/IP field, the port number in the Port field, and click Learn.

  3. Under Import, enable the toggle to select the CA certificates to import, enter their certificate IDs, and click Import.

    When successful, the trusted CA certificates are displayed on the FortiAuthenticator device. You can select it to see the details (see To view certificate details:).