Fortinet black logo

Administration Guide

Configuring autoconnect with certificate authentication

Certificate authentication requires three certificates:

  • Certificate Authority (CA) certificate
  • Server certificate that the CA certificate has signed
  • Client certificate that the CA certificate has signed

If the selected CA is well-known, such as Digicert or Comodo, the CA certificate may be preinstalled on the endpoint. Instead, this example uses FortiAuthenticator as a CA to sign the client and server certificates. In this example, you must import the CA certificate in FortiAuthenticator to the endpoint and FortiOS.

Certificate authentication requires three certificates:

  • Certificate Authority (CA) certificate
  • Server certificate that the CA certificate has signed
  • Client certificate that the CA certificate has signed

If the selected CA is well-known, such as Digicert or Comodo, the CA certificate may be preinstalled on the endpoint. Instead, this example uses FortiAuthenticator as a CA to sign the client and server certificates. In this example, you must import the CA certificate in FortiAuthenticator to the endpoint and FortiOS.