Category Archives: Certificate

Extracting Private Key from FortiGate Firewall

Why would you need to export the private key when you create a CSR on the FortiGate.  If for instance,…

By Manny Fernandez

August 30, 2022

Extracting Your Private Key from a .pfx certificate

I had a customer that installed a wildcard certificate on an Exchange server.  Later they wanted to use the same…

By Manny Fernandez

August 30, 2022

Converting Certificates using OpenSSL

During the course of most security administrator's life, you will inevitably need to convert certificates from certain formats to other…

By Manny Fernandez

September 30, 2021

Configuring Microsoft CA Services

Microsoft includes a Certificate Authority Server or CA server at no cost to you (you will need a server license…

By Manny Fernandez

January 10, 2020

What Diffie-Hellman (DH) Group Should I Use

There has been a lot around Diffie-Hellman groups and which ones to use.  Some think that the bigger the DH…

By Manny Fernandez

January 7, 2020

FortiAuthenticator as a CA Server

In other articles, I have covered creating CA servers on Microsoft Windows and OpenSSL, here is an article using FortiAuthenticator.…

By Manny Fernandez

November 26, 2019

UPDATED – Certificate Pinning you SSL VPN with Microsoft CA and Fortigate Forticlient Using ‘user’ certificates

Customer wanted to ONLY allow devices that are trusted devices (owned by the customer) to connect using the ‘Full Access”…

By Manny Fernandez

May 15, 2019

Disabling Weak Ciphers on Fortigate Firewalls

A customer of mine sent me an email after having a vulnerability assessment done against his environment.  He got back…

By Manny Fernandez

April 14, 2019

Using OpenSSL for your SSL Decryption and distributing the cert via GPO

I have another post from a while back that uses Microsoft CA services which I will be updating in the…

By Manny Fernandez

April 7, 2019

Site-to-Site VPN Between Fortigates using Certificates instead of PSK

Had a customer running Checkpoint that needed to create a Site-to-Site VPN using a dynamic IP on the remote (Fortigate)…

By Manny Fernandez

February 11, 2019

Using Certificate to Login into a Fortigate

* Sometimes you may want to use a certificate to authenticate to you Fortigate firewall. This is a simple process…

By Manny Fernandez

February 11, 2019

Using OpenSSL to Provision Wildcard Certificate

I have my lab set up with plenty of gear from Fortinet, Cisco, Palo Alto and Checkpoint. In order to…

By Manny Fernandez

January 3, 2019

Categories

Recent posts

  • Have you ever ordered a bunch of Fortinet gear... Full Story

  • Had a customer with over 200 static routes on... Full Story

  • This is a work in progress, I will be... Full Story