Getting Started with Fortinet
This quickstart outlines the steps necessary to integrate Fortinet with a Securosys on-premises Primus HSM or CloudHSM.
1. Prerequisites
Make sure to adhere to the Prerequisites before continuing with the procedure.
2. Installing the Primus PKCS#11 Provider
The Securosys PKCS#11 provider v2.2.4 or later is already integrated into Fortinet (no installation needed).
However, a valid configuration file and secrets must be prepared and tested in advance on a separate client machine, and then loaded onto the Fortinet device via CLI or GUI.
- On a client PC, install and configure the version of the Primus PKCS#11 provider that corresponds to the version integrated into Fortinet.
- Check connectivity with your HSM.
- Use the tested configuration file, PKCS#11 password and secret when configuring the Fortinet device.
For more details, see Securosys PKCS#11 Provider Preparations.
3. Configuring FortiGate and FortiWeb with Securosys HSM
Configure the Fortinet firewall to use the on-premises Primus HSM or CloudHSM cluster.
- For FortiGate, follow the instructions provided in FortiGate Configuration.
- For FortiWeb, follow the instructions provided in FortiWeb Configuration.
4. Configuring additional Fortinet components
To configure additional components to use the HSM key (CA Certificate Generation, Certificate usage, WAD Deep Inspection in Explicit Proxy Policy, HTTPS Administrative Access), consult the Fortinet documentation.