FCP – FortiGate Administrator 7.6 — Question 36

An administrator wants to analyze and manage digital certificates to prevent browser warnings when users connect to the SSL VPN portal.
Which two statements describe how to correctly do this? (Choose two.)

Answer options

• A. The administrator can rely on the default FortiGate self-signed certificate to prevent all security warnings in the browser.
• B. The administrator must disable HTTPS administrative access entirely to avoid certificate warnings.
• C. The administrator can use a publicly trusted certificate from a known certificate authority (CA) to stop browser warnings.
• D. The administrator can import the FortiGate self-signed certificate into each user’s browser as a trusted certificate.

Correct answer: C, D

Explanation

The correct answers are C and D because using a publicly trusted certificate from a known CA (C) ensures that browsers recognize the certificate as valid, thus preventing warnings. Additionally, importing the self-signed certificate into each user's browser as a trusted certificate (D) eliminates warnings for users who may not have access to a trusted CA. Options A and B are incorrect because relying solely on a self-signed certificate does not guarantee the elimination of warnings and disabling HTTPS access is not a valid solution.