How to install a wildcard SSL certificate on a FortiGate is a topic that pops up in conversation with our customers once in a blue moon. Heck, you may even be one of them! There are a few different reasons why you may want to install an SSL/TLS certificate on FortiGate — for example, it could have to do with wanting to secure your communications via a virtual private network (VPN).
Regardless of why you’re here, we thought we’d take a moment to walk you through the process on FortiGate for how to install a wildcard SSL certificate. It’s not a difficult process, but if you aren’t familiar with the mechanics of the wildcard installation process, it can be a bit confusing.
Here’s what you need to know:
Your Step-by-Step Directions on How to Install a Wildcard Certificate on FortiGate
Step One: Buy a Wildcard SSL Certificate
If you haven’t already, the first thing you need to do before you can even start the installation process is purchase a wildcard SSL certificate and generate a certificate signing request (CSR). After all, you can’t install what you don’t have, can you?
Purchase a Wildcard SSL Certificate from CheapSSLSecurity & Save Up to 80%!
We offer the best prices for wildcard SSL certificates from major certificate authorities like Comodo CA, RapidSSL, Sectigo, Thawte, and GeoTrust starting as low as $54.95 per year.
You can generate a CSR either using FortiGate itself or using cPanel. The choice is up to you.
Step Two: Download and Extract your Wildcard SSL Certificate
To install your wildcard SSL certificate on FortiGate, you’ll first need to get your digital certificate files.
- Go to your inbox — You should have an email from the CA or company you purchased the certificate from. Download the .zip file that contains your wildcard SSL certificate.
- You’ll first need to extract this .zip file into the directory where you store other certificates.
Step Three: Install Your Intermediate CA Certificate Bundle
You’ll want to import your SSL certificate that’s saved locally.
- You’ll need to log in to your FortiGate unit and go to the Settings.
- Under the Import drop-down menu and select Import Local Certificate.
- In the Type drop-down menu, choose the certificate that you wish to install — in this case, a PKCS #12 Certificate.
- Select OK.
Step Four: Configure Your FortiGate Unit
- Go back to FortiGate and navigate to the VPN section. Under SSL, select Settings.
- Look under the Connection Settings and find the Server Certificate
- Find the certificate you want to install in the drop-down menu.
- Select Apply.
Step Five: Save and Restart FortiGate
This is a pretty straightforward step and we’re sure you don’t need directions for this one.
You’ve now successfully installed and configured your SSL certificate on FortiGate.