Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
Lovepreet_Dhillon
Staff
Staff

Created on ‎07-29-2022 10:31 AM Edited on ‎09-21-2023 09:42 PM By Moderator

Article Id 218906

Technical Tip: ACME certificate with certificate management services other than Let's Encrypt on v7.0.2 and above

Description

This article discusses how to configure the ACME certificate with certificate management services other than Let's Encrypt on 7.0.2 and above.
Scope

FortiOS 7.0.2 and above.
Solution

FortiGate provides an option to choose between Let's Encrypt, and other certificate management services that use the ACME protocol.

 

Up until 7.0.1, GUI option was available to choose between  'Let's encrypt' or 'Other' under ACME services.

 

The option 'Other' allows to define the acme-url other than Lets encrypt.

 

7.0.1 :

 
Lovepreet_Dhillon_1-1659047652819.png

 

Note: Starting with FOS 7.0.2 'Other' cannot be chosen in the GUI anymore.

 

7.0.2:

 

Lovepreet_Dhillon_2-1659047679427.png

 

In 7.0.2 and onwards this option is available only via CLI.

 

config vpn certificate local

set enroll-protocol acme2

set acme-ca-url https://#####<- Enter the other CA's URL.

acme-domain : example.com

acme-email : example.com

next

end

 

Related document:

Technical Tip: ACME certificate showing not secure
4112
0 Kudos
Submit Article Idea
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.