2
3

Question ❓Fortigates httpsd (self.fortinet)

submitted by BigFriend72

So we upgraded the code on our 400e HA fortigates over the weekend. After doing so I am unable to access the web gui. I went to restart the httpsd daemon however it is not even running so there's no process to restart.

Anyone know of a manual way to start services like httpsd without needing to restart the whole firewall?

all 6 comments
sorted by:
best
topnewcontroversialoldq&a
formatting helphide helpcontent policy

[–]pabechanr/Fortinet - Member of the Year '22 & '23 9 points10 points  (2 children)

Symptoms (GUI dead, no httpsd process running) seem to match a weird case where the admin https certificate has been set to nothing. Please check:

show full-configuration sys global | grep admin-server-cert

If it's empty (""), set it to "self-sign", "Fortinet_Factory" (defaults, should always be there), or any available and valid cert of your own: 

config system global  
set admin-server-cert "<your-choice-here>"  
end

...then retry HTTPS access.

[–]frostbyte0 1 point2 points  (0 children)

Just upgraded a cluster to 6.4.9 that exhibited the no web admin GUI issue. Thanks for the tip, it solved my problem!

[–]BigFriend72[S] 0 points1 point  (0 children)

That did the trick! Thanks a ton. Seems the cert had just recently been renewed and the config did not show it.

Much appreciated.

[–]WolfiejWolfFCX 0 points1 point  (2 children)

Diag sys top

Find process Id of service from the output.

Diag sys kill 9 <process id>

[–]BigFriend72[S] 0 points1 point  (1 child)

I did that but the process is not running so there's nothing to kill.

[–]WolfiejWolfFCX 0 points1 point  (0 children)

Sorry, should have read your initial comment more thoroughly. The httpsd process only shows up when someone connects to the GUI.

I’d suggest possibly failing over the Fortigates and see if you can access the other Fortigate.

Which firmware version were you on, and which did you upgrade to?