Certificates
The FortiAnalyzer unit generates a certificate request based on the information you enter to identify the FortiAnalyzer unit. After you generate a certificate request, you can download the request to a computer that has management access to the FortiAnalyzer unit and then forward the request to a CA.
The certificate window also enables you to export certificates for authentication, and to import and view certificates.
Local certificates
The FortiAnalyzer has one default local certificate, Fortinet_Local. From this menu you can create, delete, import, view, and download local certificates.
Figure 70: Local certificates sub-menu
The following information is displayed:
Certificate Name | Displays the certificate name. |
Subject | Displays the certificate subject information. |
Status | Displays the certificate status. Select View Certificate Detail to view additional certificate status information. |
The following options are available:
Create New | Select to create a new certificate request. |
View | Select the checkbox next to the certificate, right-click, and select View in the right-click menu to view the entry. |
Delete | Select the checkbox next to a certificate entry and select Delete to remove the certificate selected. Select OK in the confirmation dialog box to proceed with the delete action. Delete is also available in the right-click menu. |
Import | Select to import a local certificate. Browse for the local certificate on the management computer and select OK to complete the import. |
View Certificate Detail | Select the checkbox next to a certificate entry and select View Certificate Detail to view certificate details. |
Download | Select the checkbox next to a certificate entry and select Download to download the certificate to your local computer. |
To create a local certificate request:
- Go to System Settings > Certificates > Local Certificates.
- Select Create New in the toolbar.
The New Certificate window opens.
Figure 71: New local certificate
- Configure the following settings:
Certificate Name | The name of the certificate. |
Key Size | Select the key size from the drop-down list. Select one of: 512 Bit, 1024 Bit, 1536 Bit, or 2048 Bit. |
Common Name (CN) | Enter the common name of the certificate. |
Country (C) | Select the country from the drop-down list. |
State/Province (ST) | Enter the state or province. |
Locality (L) | Enter the locality. |
Organization (O) | Enter the organization for the certificate. |
Organization Unit (OU) | Enter the organization unit. |
E-mail Address (EA) | Enter the email address. |
- Select OK to save the setting. The request is sent and the status is listed as pending.
To import a local certificate:
- Go to System Settings > Certificates > Local Certificates.
- Select Import in the toolbar.
The Import dialog box opens.
- Select Choose File, browse to the location of the certificate, and select OK.
To view a local certificate:
- Go to System Settings > Certificates > Local Certificates.
- Select the certificates that you would like to see details about and select View Certificate Detail in the toolbar.
The Result page opens.
Figure 72: Local certificate details
The following information is displayed:
Certificate Name | The name of the certificate. |
Issuer | The issuer of the certificate. |
Subject | The subject of the certificate. |
Valid From | The date from which the certificate is valid. |
Valid To | The last day that the certificate is valid. The certificate should be renewed before this date. |
Version | The certificate’s version. |
Serial Number | The serial number of the certificate. |
Extension | The certificate extension information. |
- Select OK to return to the local certificates list.
To download a local certificate:
- Go to System Settings > Certificates > Local Certificates.
- Select the certificates that you would like to download, select Download in the toolbar, and save the certificate to the desired location.
To delete a local certificate:
- Go to System Settings > Certificates > Local Certificates.
- Select the certificate or certificates that you would like to delete and select Delete in the toolbar.
- Select OK in the confirmation dialog box to delete the certificate.
CA certificates
The FortiAnalyzer has one default CA certificate, Fortinet_CA. In this sub-menu you can:
- Delete CA certificates
- Import CA certificates
- View certificate details
- Download CA certificates
To import a CA certificate:
- Go to System Settings > Certificates > CA Certificates.
- Select Import in the toolbar.
The Import dialog box opens.
- Select Choose File, browse to the location of the certificate, and select OK.
To view a CA certificate:
- Go to System Settings > Certificates > CA Certificates.
- Select the certificates that you would like to see details about, then select View Certificate Detail in the toolbar.
The Result page opens.
Figure 73: CA certificate details
The following information is displayed:
Certificate Name | The name of the certificate. |
Issuer | The issuer of the certificate. |
Subject | The subject of the certificate. |
Valid From | The date from which the certificate is valid. |
Valid To | The last day that the certificate is valid. The certificate should be renewed before this date. |
Version | The certificate’s version. |
Serial Number | The serial number of the certificate. |
Extension | The certificate extension information. |
- Select OK to return to the CA certificates list.
To download a CA certificate:
- Go to System Settings > Certificates > CA Certificates.
- Select the certificates that you would like to download, select Download in the toolbar, and save the certificate to the desired location.
To delete a CA certificate:
- Go to System Settings > Certificates > CA Certificates.
- Select the certificate or certificates that you would like to delete and select Delete in the toolbar.
- Select OK in the confirmation dialog box to delete the certificate.
Certificate revocation lists
When you apply for a signed personal or group certificate to install on remote clients, you can obtain the corresponding root certificate and Certificate Revocation List (CRL) from the issuing CA. When you receive the signed personal or group certificate, install the signed certificate on the remote client(s) according to the browser documentation. Install the corresponding root certificate (and CRL) from the issuing CA on the FortiAnalyzer unit according to the procedures given below.
To import a CRL:
- Go to System Settings > Certificates > CRL.
- Select Import in the toolbar.
The Import dialog box opens.
- Select Choose File, browse to the location of the CRL, and select OK.
- Select Choose File, browse to the location of the certificate, and select OK.
To view a CRL:
- Go to System Settings > Certificates > CRL.
- Select the CRL that you would like to see details about, then select View Certificate Detail in the toolbar.
The Result page opens.
- When you are finished viewing the CRL details, select OK to return to the CRL list.
To delete a CRL:
- Go to System Settings > Certificates > CRL.
- Select the CRL or CRLs that you would like to delete and select Delete in the toolbar.
- Select OK in the confirmation dialog box to delete the CRL.
Event log
The logs created by Fortinet are viewable within the Web-based Manager. You can use the FortiAnalyzer Log Message Reference, available in the Fortinet Document Library, to interpret the messages. You can view log messages in the FortiAnalyzer Web-based Manager that are stored in memory or on the internal hard disk, and use the column filters to filter the event logs that are displayed.
Go to System Settings > Event Log to view the local log list.
Figure 74: Event log list
The following information is displayed:
Type | Select the type from the drop-down list. Select one of the following: Event Log, FDS Upload Log, or FDS Download Log.
When selecting FDS Upload Log, select the device from the drop-down list, and select Go to browse logs. When selecting FDS Download Log, select the service (FDS, FCT) from the Service drop-down list, select the event type (All Event, Push Update, Poll Update, Manual Update) from the Event drop-down list, and select Go to browse logs. |
# | The log number. |
Date | The date that the log file was generated. Select the filter icon to create a filter for this column. Select the checkbox to enable this filter and specify the from and to date in the format YYYY-MM-DD. Select Apply to apply the filter. When the filter is enabled, the filter enabled icon is displayed. You can also clear all filters. |
Time | The time that the log file was generated. Select the filter icon to create a filter for this column. Select the checkbox to enable this filter and specify the from and to time in the format HH:MM:SS. Select Apply to apply the filter. When the filter is enabled, the filter enabled icon is displayed. You can also clear all filters. |
Level | Select the checkbox to enable this filter. Select a value for the field from the drop-down list, select the checkbox (NOT) if required, and select the level from the drop-down list. Select Apply to apply the filter. When the filter is enabled, the filter enabled icon is displayed. You can also clear all filters. |
User | User information. Select the filter icon to create a filter for this column. Select the checkbox to enable this filter. Select a value for the field from the drop-down list, select the checkbox (NOT) if required, and enter the username in the text field. Select Apply to apply the filter. When the filter is enabled, the filter enabled icon is displayed. You can also clear all filters. |
Sub Type | Log sub-type information. Select the filter icon to create a filter for this column. Select the checkbox to enable this filter, then select one or more of the event types. Select Apply to apply the filter. When the filter is enabled, the filter enabled icon is displayed. You can also clear all filters.
The available event types are: System manager event, FG-FM protocol event, Device configuration event, Deployment manager event, Real-time monitor event, Log and report manager event, Firmware manager event, FortiGuard service event, FortiClient manager event, FortiMail manager event, Debug I/O log event, Device manager event, Web service event, FortiAnalyzer event, Log daemon event, and Device manager event. |
Message | Log message details. Select the filter icon to create a filter for this column. Select the checkbox to enable this filter. Select a value for the field from the drop-down list, select the checkbox (NOT) if required, and enter a message in the text field. Select Apply to apply the filter. When the filter is enabled, the filter enabled icon is displayed. You can also clear all filters. |
Pagination | Use these page options to browse logs. You can select to display 50, 100, or 200 logs from the drop-down list. |
The following options are available in the toolbar:
Download | Select to download the event log elog. You can download the file as a comma separated value (CSV) file or in a normal format. Select OK to save the file to your management computer. |
Raw Log/Formatted Table | Select to display either raw logs or a formatted table. |
Refresh | Select to refresh the information displayed in the log table. |
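The column filters described above can also be applied offline to an event log downloaded as CSV, which is useful when reviewing administrator activity outside the Web-based Manager. The following Python code is an added example, not Fortinet code. It assumes the CSV header names, level values and sample rows shown (all constructed), exact matching for User and substring matching for Message, and a time window that may wrap past midnight, which goes beyond the filter behaviour documented here.

```python
import csv
import io
from datetime import date, time

# Constructed sample export, not real FortiAnalyzer output. Header names and
# level values are assumptions modelled on the Event Log columns above.
SAMPLE_CSV = """#,Date,Time,Level,User,Sub Type,Message
1,2014-03-02,08:15:01,information,admin,System manager event,User admin logged in
2,2014-03-02,23:40:12,warning,svc_backup,System manager event,Login failed
3,2014-03-03,02:05:44,notice,system,FortiGuard service event,Poll update completed
4,2014-03-03,02:11:09,warning,jdoe,Device configuration event,Certificate deleted
5,2014-03-04,10:30:00,information,admin,Log and report manager event,Report generated
"""

def _match(value, wanted, negate, exact):
    """Text filter with the NOT checkbox; no filter value means 'match all'."""
    if wanted is None:
        return True
    v, w = value.lower(), wanted.lower()
    return ((v == w) if exact else (w in v)) != negate

def _in_window(t, start, end):
    """Time-of-day window; start > end wraps past midnight (added convenience)."""
    start, end = start or time.min, end or time.max
    return start <= t <= end if start <= end else (t >= start or t <= end)

def filter_events(csv_text, date_from=None, date_to=None, time_from=None,
                  time_to=None, user=None, user_not=False, sub_types=None,
                  message=None, message_not=False):
    """Return the rows that pass every enabled column filter."""
    kept = []
    for row in csv.DictReader(io.StringIO(csv_text)):
        try:
            d = date.fromisoformat(row["Date"])   # YYYY-MM-DD
            t = time.fromisoformat(row["Time"])   # HH:MM:SS
        except (KeyError, TypeError, ValueError):
            continue  # skip rows whose date or time does not parse
        if ((date_from or date.min) <= d <= (date_to or date.max)
                and _in_window(t, time_from, time_to)
                and (not sub_types or row.get("Sub Type") in sub_types)
                and _match(row.get("User") or "", user, user_not, True)
                and _match(row.get("Message") or "", message, message_not, False)):
            kept.append(row)
    return kept

# Off-hours activity (22:00-06:00) by any user other than "admin".
off_hours = filter_events(SAMPLE_CSV, time_from=time(22), time_to=time(6),
                          user="admin", user_not=True)
print([r["#"] for r in off_hours])
```

Check the header row of the file you actually download and adjust the column names in the code to match before relying on the results.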