Changing FortiPoC Web Certificate

You can replace the default HTTPS certificate.

Copying

You must copy the key and the certificate (prefer a full chain certificate) to FortiPoC. To let FortiPoC identify the key and cert pair, you must name your files with same basename without extension, ex:

my_ssl.key
my_ssl.crt

Copy the two files with scp:

scp my_ssl.key my_ssl.crt admin@FORTIPOC_IP:https

Available certificates

To list available certificates, from the CLI run get webserver cert list, ex:

fortipoc # get webserver cert list
my_ssl

Switch to a custom certificate

To switch to a custom certificate, from the CLI run set webserver cert <NAME> with <NAME> as returned by the list command, ex:

fortipoc # set webserver cert my_ssl

View current certificate

To view certificate currently use, from the CLI run get webserver cert.

It will return either the name of the certificate or default certificate if the default one is used, ex:

fortipoc # get webserver cert
my_ssl

Switch to default certificate

To return to the default certificate, from the CLI run unset webserver cert.

Erasing custom certificates

To erase custom certifctaes, from the CLI run unset webserver cert file <NAME>....

Warning

FortiPoC issues a warning if you try to erase current custom certificate.