Upload a Trusted CA Certificate to an FDM-Managed Device
The FDM-managed device must have the trusted CA certificate needed to validate the connection to the Duo LDAP server. You can go directly to https://www.digicert.com/digicert-root-certificates.htm and download either DigiCertSHA2HighAssuranceServerCA or DigiCert High Assurance EV Root CA and upload it using Firewall Device Manager (FDM).
Procedure
Step 1 | Access the firewall device manager page of the FDM-managed device, choose Objects > Certificates. |
Step 2 | Click + > Add Trusted CA Certificate. |
Step 3 | Enter a name for the certificate, for example, DigiCert_High_Assurance_EV_Root_CA. (Spaces are not allowed.) |
Step 4 | Click Upload Certificate and select the file that you downloaded. |
Step 5 | Click OK. |
Step 6 | Onboard the device to CDO if you haven't onboarded it already. |
Step 7 |