AlftechCZ
New Member
April 21, 2022
Question

Let's Encrypt multi-SAN certificate (multiple Subject Alternative Names)

  • April 21, 2022
  • 6 replies
  • 13033 views

Hello,

How do I handle multiple Subject Alternative Names in a Let's Encrypt certificate in FortiWeb? There is no way to insert more than one DNS name in the Let's Encrypt certificate.

We have a website with 15+ DNS alternative names.

Thank You for your reply.

6 replies

jintrah_FTNT
Staff
April 21, 2022

Hi,

Do you mean that the certificate cannot contain 15+ alternative names? If so, this should be checked with some other root CA other than Let's Encrypt, and not on FortiWeb, to see if they can provide such a certificate with many alternate names.

But if you already have the required certificate with multiple SANs, we could check on adding the required domains to FortiWeb.

Best regards,

Jin

AlftechCZ
Author
New Member
April 21, 2022

Hello,

My question is where to set alternate names when I create a Let's Encrypt certificate in the FortiWeb GUI.

There is just one DNS name in the create dialog.

Best regards,

Ales

jintrah_FTNT
Staff
April 21, 2022

Hi Ales,

Are you referring to generating a CSR?

Best regards,

Jin

AlftechCZ
Author
New Member
April 21, 2022

How do I set multiple domains in the creation dialog? See the picture below.

Certbot, WinAcme and all other bots can request Let's Encrypt certificates with multiple Subject Alternative Names.

FortiWeb can't do this?

[Image: AlftechCZ_0-1650528224358.png - the FortiWeb certificate creation dialog]

A certificate that has alternate names like this:

[Image: AlftechCZ_0-1650529985781.png - certificate with multiple SAN entries]

jintrah_FTNT
Staff
April 21, 2022

Hi,

Thanks for the attachment. I believe you could enter different domains separated by commas.

Best regards,

Jin

AlftechCZ
Author
New Member
April 21, 2022

Hi,

By the way, is this noted somewhere in the documentation for FortiWeb?

Best regards,

Ales

jintrah_FTNT
Staff
April 21, 2022

Hi,

I do not know if there is a doc that could note all custom requirements and possibilities.

Best regards,

Jin

AlftechCZ
Author
New Member
April 21, 2022

Hi,

Comma-separated and semicolon-separated DNS names are not supported!

Let's Encrypt failed to issue certificate due to error. type: urn:ietf:params:acme:error:rejectedIdentifier, detail: Error creating new order :: Cannot issue for Domain name contains an invalid character

jintrah_FTNT
Staff
April 21, 2022

Hi,

It appears that SAN is not a supported option then. You may want to add one Let's Encrypt certificate for each domain and later add these certificates as SNI certificate members. I would suggest opening a FortiCare ticket to confirm and get the needed assistance.

Best regards,

Jin
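Two things in the exchange above are worth seeing in code: why a comma-joined value such as `a.example.com,b.example.com` is rejected by the ACME server as an invalid identifier (RFC 8555 expects one `{"type": "dns", "value": ...}` identifier per hostname, and a comma is not a legal hostname character), and what Jin's workaround of one certificate per domain looks like as a set of orders versus the single multi-SAN order that certbot or win-acme would submit. The script below is an added example written for this thread; it is not FortiWeb's, Fortinet's or Let's Encrypt's code. It only builds the unsigned `newOrder` payloads (the JWS signing and the HTTP exchange with the CA are outside its scope), the hostnames are constructed sample values, and the `split_san_input` helper is a hypothetical stand-in for what a GUI field might receive.

```python
from __future__ import annotations

import json
import re

# One DNS label per RFC 1035: letters, digits and hyphens, 1..63 characters,
# and no leading or trailing hyphen. Commas, semicolons and spaces fail here.
_LABEL = re.compile(r"^(?!-)[A-Za-z0-9-]{1,63}(?<!-)$")


def is_valid_dns_identifier(name: str) -> bool:
    """Return True if `name` is a syntactically valid ACME 'dns' identifier value.

    A joined string such as 'a.example.com,b.example.com' is rejected, which is
    the same condition behind the rejectedIdentifier error quoted in the thread.
    """
    name = name.rstrip(".")
    if not name or len(name) > 253:
        return False
    labels = name.split(".")
    # A single leading wildcard label is allowed (Let's Encrypt issues these via DNS-01).
    if labels[0] == "*":
        labels = labels[1:]
    if len(labels) < 2:  # a bare label is not a public hostname
        return False
    return all(_LABEL.match(label) for label in labels)


def split_san_input(raw: str) -> list[str]:
    """Hypothetical helper: split a pasted 'domain' field into separate candidates."""
    return [part.strip() for part in re.split(r"[,;\s]+", raw) if part.strip()]


def build_orders(hostnames: list[str], one_cert_per_host: bool = False) -> list[dict]:
    """Build RFC 8555 newOrder payloads (identifier lists only, unsigned).

    one_cert_per_host=False: one order carrying every hostname, i.e. one multi-SAN
    certificate, which is what certbot/win-acme request.
    one_cert_per_host=True: one order per hostname, i.e. Jin's per-domain workaround.
    """
    bad = [h for h in hostnames if not is_valid_dns_identifier(h)]
    if bad:
        # Mirror the CA's behaviour: refuse the whole request rather than silently drop names.
        raise ValueError(f"invalid DNS identifiers: {bad}")
    identifiers = [{"type": "dns", "value": h.lower().rstrip(".")} for h in hostnames]
    if one_cert_per_host:
        return [{"identifiers": [ident]} for ident in identifiers]
    return [{"identifiers": identifiers}]


if __name__ == "__main__":
    # Constructed sample: what a user might paste into a single 'domain' field.
    pasted = "www.example.com, api.example.com;shop.example.com"
    print("as one identifier, valid?", is_valid_dns_identifier(pasted))  # False
    names = split_san_input(pasted)
    print(json.dumps(build_orders(names), indent=2))                    # 1 order, 3 SANs
    print(len(build_orders(names, one_cert_per_host=True)), "separate orders")
```

Running it shows the pasted string failing validation as a single identifier, then the same names accepted once they are split into individual identifiers, either as one three-SAN order or as three single-name orders. For the thread's 20 sites with 10 names each, the per-host mode produces the 200 orders Ales counts, which is why a server that accepts a list of names in one order is the better fit when the GUI allows it.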

AlftechCZ
Author
New Member
April 21, 2022

Wow, that means 20 websites with 10 alternate DNS names each = 200 certificates + 200 SNI records... I think certificate issuing has some limits per issuing IP address.

It may be big trouble, not just for us.

Please, can a ticket to solve this situation be entered with high priority?

The resolution is simple - entering the DNS name + alternate DNS names in separate input fields and issuing them properly on the Let's Encrypt servers, as is known from other certificate bots, I mean (certbot, winacme).

Thank You

Ales

jintrah_FTNT
Staff
April 21, 2022

Hi,

This would be a feature request.

Best regards,

Jin

petep-cts
Visitor III
December 13, 2023

I'm encountering a comparable issue. My intention is to utilize the built-in Let's Encrypt option for FortiClient VPN users. Given that we have two ISPs, the SSL VPN is configured to listen on both interfaces. I've established two DNS A Records, but it seems that I can only use a single domain when using the cert creation wizard. Consequently, the backup IP won't have a valid certificate. Any recommendations or suggestions?