1. In FortiADC, navigate to System -> Manage Certificates >- Local Certificate Tab and select Import.

2. In the Type dropdown menu of the Local Certificate Import page, select Automated.

3. After selecting Automated type, more settings will appear on the page. The Certificate Name will be used to identify the certificate. Insert the Domain Name on which the Let’s Encrypt SSL Certificate will be installed. Insert the Email Address which will be registered in the Let’s Encrypt SSL Email Notification mail. Keep the Key Type and Key Size unchanged, leave the Password empty, or insert only if necessary. Select Let’s Encrypt for ACME Service and the Challenge Type that suitable for the environment. In the example, the DNS-01 challenge type is used. Insert the Challenge Wait Time when the FortiADC will initiate the Let’s Encrypt Domain Validation before the Challenge Wait Time expires.

4. After selecting Save on the Local Certificate page, a page shall prompt with the DNS-01 Challenge TXT record to be added to the Domain Name.

5. Add the DNS TXT record before the Challenge Wait Time expires. Verify that the DNS TXT records query result.

6. The certificate status shows as Pending which the FortiADC has not initiated the domain validation or the domain has not completed the validation challenge.

7. The Local Certificate status shall show OK after the challenge wait time expires.

8. Select the Edit icon to check the SSL Certificate details.

Related document: