Fortinet black logo

Onboarding for ZTNA Deployment Guide

Home FortiClient 7.2.0 Onboarding for ZTNA Deployment Guide
7.2.0
7.2.0

Installing a certificate to secure communication between FortiClient and EMS

Installing a certificate to secure communication between FortiClient and EMS

To secure the connection between FortiClient endpoints and FortiClient EMS, as well as between the EMS server and the FortiGate, EMS must present a certificate that is trusted by the connecting entities.

By default, FortiClient EMS uses the certificate issued by FortiCare to each licensed EMS server for securing web server access and endpoint control. However, the certificate is not issued by a public CA and may not be natively trusted by connecting endpoints or the FortiGate. For information about different kinds of EMS server certificates, see Server Certificates.

To upload a server certificate issued by your desired public or private CA:
  1. Go to System Settings > EMS Server Certificates.
  2. Select Add in the top right to upload a certificate to EMS.
  3. For Type, select Upload PKCS12 or Upload PEM.
  4. Upload the certificate and enter the certificate password or private key.
  5. Click Upload.
  6. Go to System Settings > EMS Settings.
  7. From the Endpoint Control certificate dropdown list, select the certificate that you added.
  8. Save.
Previous
Next

Installing a certificate to secure communication between FortiClient and EMS

To secure the connection between FortiClient endpoints and FortiClient EMS, as well as between the EMS server and the FortiGate, EMS must present a certificate that is trusted by the connecting entities.

By default, FortiClient EMS uses the certificate issued by FortiCare to each licensed EMS server for securing web server access and endpoint control. However, the certificate is not issued by a public CA and may not be natively trusted by connecting endpoints or the FortiGate. For information about different kinds of EMS server certificates, see Server Certificates.

To upload a server certificate issued by your desired public or private CA:
  1. Go to System Settings > EMS Server Certificates.
  2. Select Add in the top right to upload a certificate to EMS.
  3. For Type, select Upload PKCS12 or Upload PEM.
  4. Upload the certificate and enter the certificate password or private key.
  5. Click Upload.
  6. Go to System Settings > EMS Settings.
  7. From the Endpoint Control certificate dropdown list, select the certificate that you added.
  8. Save.
Previous
Next