Good morning everyone,
I have been reading everything that i possibly can to try and figure this out and i just cannot seem to get a straight answer. On our Fortigate 90D the FORTINET_FACTORY Cert is SHA1 signed and needs to be upgraded to SHA256. What is the correct way to update the FORTINET_FACTORY cert to SHA256? I know that I can generate the CSR request on the Fortigate but does that create the request local for that device from the Fortinet CA? Or do you have to use OPENSSL? Any information is greatly appreciated.
I'm not sure what problem you're trying to solve but I don't think what you're asking is possible. You'll need to get a signed cert from a valid CA if you want something other than what is loaded from the factory (as you should).
I would create a new certificate using your own server that meets your needs and just load it into the FortiGate.
Mike Pruett
You have a few options.
1> generate a new CSR ( openssl or certmanger )
2> upgrade the fortios ( and yes if your running 6.0.2 ....I would upgrade )
3> import your cert+key that's already done at sha2 family algo
Ken Felix
PCNSE
NSE
StrongSwan
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.