Wednesday, 3 December 2014

How-to: Change WebGUI HTTPS certificate on Fortinet devices

Below is a list of commands required to change the default HTTPS certificate that gets presented on the admin WebGUI.

For each of these examples I've already loaded a certificate called 'webgui-cert'. Change this value to match the certificate you import.
Read more »
Posted by at 2 comments:
Labels: , , , , , , , , , , ,

Monday, 1 December 2014

How-to: Disable SSLv3 on Fortinet devices

With the release of the POODLE vulnerability, Fortinet have released a great article on howto disable SSLv3 on all the Fortinet devices that are affected.

The list goes on to include:

  • FortiGate
  • FortiMail
  • FortiAnalyzer
  • FortiManager
  • FortiAuthenticator
  • FortiCache
  • FortiWeb
  • FortiDDOS
  • FortiADC-D
  • FortiClient
  • FortiVoice-Enterprise
  • FortiRecorder
  • FortiDB
  • FortiSwitchOS
  • FortiSwitch ATCA
Fortunately disabling SSLv3 is very simple on all devices, with some just requiring an upgrade.

I won't go into detail on howto disable SSLv3 on every box as it's covered in the article linked above. I just wanted to go through on how you can test to ensure that SSLv3 has been disabled once you've made the configuration change.
Read more »
Posted by at No comments:
Labels: , , , , , , , , , , , , , , ,
Subscribe to: Posts (Atom)