Device-Local Certificate Expired
(2024-02-08)
Other options along the same lines
(
Source)
Problem
The local, internally generated certificate that the Fortigate presents for various things has expired.Solution
# execute vpn certificate local generate default-ssl-key-certs Are you sure to re-generate the default RSA, DSA, ECDSA and EdDSA key certs for ssl resign? Do you want to continue? (y/n)y
| Option | Does |
|---|---|
| cmp | Generate a certificate request over CMPv2. |
| default-ssl-ca | Generate the default CA certificate used by SSL Inspection. |
| default-ssl-ca-untrusted | Generate the default untrusted CA certificate used by SSL Inspection. |
| default-ssl-key-certs | Generate the default RSA, DSA and ECDSA key certs for ssl resign. |
| default-ssl-serv-key | Generate the default server key used by SSL Inspection. |
| ec | Generate an elliptic curve certificate request. |
| rsa | Generate a RSA certificate request. |
Source)
no comments |
post comment
Virtual Dave Megaplex:
- Home Page
- This wiki's start page
- Send Feedback To Dave
Logged in Users: (0)
Recently Changed
Check Internet Service Database Match- Device-Local Certificate Expired
- CLI Policy Lookup
- DH Selection For IPsec VPNs
- Scan For Newly Added Disk
- nmap
- Seconds Since Epoch to Local Time
- Link Monitor
- DH group to OAKLEY_GROUP table
- Fire Eater
- start
- FortiClient Error Codes
- dhparams Generation
- SSL Certificate Bundles
- ufw
- Grow A LVM Partition
- Creating Users
- whoami
- list databases
- 2023
- 2022
- 2019
- 2018
- 2017
- 2011
- 2010
- 2008
- 2001
- 2000
- 1999
Editing: snipsnap-help, Image Macro(Et auditum est, et idcirco ego nunc simulare)
This is a collection of techical information, much of it learned the hard way. Consider it a lab book or a /info directory. I doubt much of it will be of use to anyone else.