IPSec VPN
FortiGate-50R Installation and Configuration Guide
Figure 22: Adding a phase 2 configuration
Managing digital certificates
Digital certificates are used to ensure that both participants in an IPSec
communications session are trustworthy, prior to an encrypted VPN tunnel being set
up between the participants.
Fortinet uses a manual procedure to obtain certificates. This involves copying and
pasting text files from your local computer to the certificate authority, and from the
certificate authority to your local computer.
• Obtaining a signed local certificate
• Obtaining a CA certificate
Obtaining a signed local certificate
The signed local certificate provides the FortiGate unit with a means to authenticate
itself to other devices.
Note: Digital certificates are not required for configuring FortiGate VPNs. Digital certificates are
an advanced feature provided for the convenience of system administrators. This manual
assumes the user has prior knowledge of how to configure digital certificates for their
implementation.
Note: The VPN peers must use digital certificates that adhere to the X.509 standard.