Secure connections and certificates Page 102 FortiRecorder 2.4.2 Administration Guide
Table 12:System > Certificate > Local Certificate
See also
• Uploading & selecting to use a certificate
• Revoking certificates
• Supported cipher suites & protocol versions
• Uploading trusted CAs’ certificates
Setting name Description
View Click to view the selected certificate’s issuer, subject, and range of dates
within which the certificate is valid.
Generate Click to generate a certificate signing request. For details, see
“Generating a certificate signing request”.
Download Click to download the selected certificate’s entry in certificate (.cer),
PKCS #12 (.p12), or certificate signing request (.csr) file format. PKCS
#12 is recommended if you require a certificate backup that includes the
private key.
Certificate backups can also be made by downloading a configuration file
backup, which includes all certificates and keys. See “Regular backups”.
Set status To configure your FortiRecorder appliance to use a certificate, click its
row to select it, then click this button. A confirmation dialog will appear,
asking if you want to use it as the “default” (currently in use) certificate.
Click OK. The Status column will change to reflect the new status.
Import Click to upload a certificate. For details, see “Uploading & selecting to
use a certificate”.
Name Displays the name of the certificate according to the appliance’s
configuration file. This will not be visible to clients.
Subject Displays the distinguished name (DN) located in the Subject: field of
the certificate.
If the row contains a certificate request which has not yet been signed,
this field is empty.
Status Displays the status of the certificate.
• Default — Indicates that this certificate will be used whenever a client
attempts to connect to the appliance. Only one certificate can be in
use at any given time.
• OK — Indicates that the certificate was successfully imported. To use
the certificate, select it, then use Set status to change its status.
• Pending — Indicates that the certificate request (CSR) has been
generated, but must be downloaded, signed, and imported before it
can be used as a server certificate.
To Next Page
Loading...