Dan_Eng52
Explorer III
September 11, 2025
Question

ACME Let's Encrypt Certificate Not Renewing


Hi all, 

I hope you're well.

I am having trouble renewing my Let's Encrypt certificate with the ACME protocol. My FortiGate is currently running 7.4.8. I have gone through the requirements checklist for ACME renewal and have local-in and other restrictions disabled, and I am attempting to run the command:

diagnose sys acme purge-archive

I've run a sniffer, and it doesn't seem as though the manual commands are initiating any process.

Can anyone please confirm that I have the right command for 7.4.8 or provide any additional information for any steps that I may have missed?

Thanks, 

Dan. 

3 replies

AEK
SuperUser
September 11, 2025

Hi Dan

The acme debug command should provide more info about the issue.

diagnose debug application acmed 7
diagnose debug enable

Ref: https://community.fortinet.com/t5/FortiWeb/Troubleshooting-Tip-Let-s-Encrypt-SSL-troubleshooting/ta-p/227116

AEK
Dan_Eng52
Author
Explorer III
September 12, 2025

Hi AEK,

Thanks for the response, the issue is now resolved but I will definitely remember that command for next time.

I don't believe this is noted anywhere, nor do I know if it was sheer coincidence; however, on one of my firewalls I removed the certificate from the authentication settings and replaced it with the Fortinet Factory. I then ran the same commands, and it worked straight away.

On another firewall I did the same thing, but it didn't work immediately this time around. As soon as I removed the ACME interface from the settings and re-applied it, it then worked immediately.

Many thanks,

Dan.

gopalko3
New Member
September 12, 2025

That's definitely my issue. Will the 2nd link you sent solve the issue I'm having with renewing the cert? It looks like there will still be API calls that need to be made to GoDaddy.