Staff

Troubleshooting Tip: ACME Certificate Renewal Failure with error message 'A.C.M.E. Certificate renew has failed. Client lacks sufficient authorization'

Forum|Forum|11 months ago
June 20, 2025
0 replies
736 views

Description

This article describes what to check when the ACME certificate renewal fails with the error message 'A.C.M.E. Certificate renewal has failed. The client lacks sufficient authorization on FortiClient EMS.

Scope

FortiClient EMS.

Solution

If getting the error message 'A.C.M.E. Certificate renew has failed. Client lacks sufficient authorization', The sample message is as follows:

Screenshot 2025-06-20 172522.png

To resolve the ACME certificate renewal failure on FortiClient/EMS, check the following items:

Verify that there are no geo-blocks on the virtual IP that resolve to FortiClient EMS FQDN on ports 443 and 80.
If the issue persists, temporarily disable the 'SSL inspection' profile in policy and check the traffic log in real-time in the FortiGate to see what the FortiClient EMS server IP is trying to connect to.

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded