Re: SSL Full Inspection and Using a CA-signed certificate
☼ Best Answerby shkim 2018/06/25 20:19:58
Short answer "no" and "none". No public trusted CA if that's what your going after, will issue a private org a CA:TRUE signed certificate as a normal offering. Just ain't going to happen
1: build a private PKI and signyour own certificate ( you own the PKI so you can do what ever you want ;) this is the best but not ideal for all org/enterprise needs )
2: Use the internal cert that comes in the fortigate ( yeap a cert already exist just import it into your OS and|or Browsers certificate store )
3: self-Sign a cert using openssl for example ( again import it )
All of them has advantages, #2 is the simple fix since it "already" exists and all you have to do nothing but just use the cert.
PCNSE, NSE , Forcepoint , StrongSwan Specialist