Created on 12-28-2023 08:40 AM
Edited on 04-13-2025 10:13 PM
By Jean-Philippe_P
Description: This article describes how to troubleshoot an issue that occurs when a Let's Encrypt certificate is generated on FortiGate.

Scope: FortiOS, FortiGate, Let's Encrypt Certificate.

Solution:
When this issue occurs, the following error is returned:
Run the following command to verify the error:
    get vpn certificate local details <domain name>
Verify if the SSL VPN is configured with port 443 by navigating to VPN -> SSL VPN Settings.
If SSL VPN has port 443 configured, change it to a different port, such as 10443 or another one.
If SSL VPN is not configured for port 443, verify whether a VIP/virtual server is configured for the wan1 IP by navigating to Policy & Objects -> Virtual IPs. Change the VIP/virtual server external IP to another available public IP.
After changing the port/IP, delete the previously created certificate and create a new Let's Encrypt certificate.
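The two checks above can also be run against a saved configuration. The following is an added example, not Fortinet code: it assumes the text comes from `show full-configuration` output, the sample excerpt is constructed, and the function names and the WAN IP argument are hypothetical.

```python
import ipaddress
import re

# Constructed excerpt of `show full-configuration` output; names and addresses are made up.
SAMPLE_CONFIG = """\
config vpn ssl settings
    set port 443
end
config firewall vip
    edit "web-server"
        set extip 203.0.113.10
        set portforward enable
        set extport 443
    next
    edit "lab-range"
        set extip 203.0.113.8-203.0.113.12
    next
    edit "other-ip"
        set extip 203.0.113.20
    next
end
"""

def section(config, header):
    """Body of a top-level `config <header>` ... `end` block ('' if absent)."""
    m = re.search(rf"^config {re.escape(header)}\n(.*?)^end$", config, re.S | re.M)
    return m.group(1) if m else ""

def covers(extip, wan_ip):
    """True if wan_ip equals the VIP's extip or lies inside its extip range."""
    lo, _, hi = extip.partition("-")
    ip = ipaddress.ip_address
    return ip(lo) <= ip(wan_ip) <= ip(hi or lo)

def find_conflicts(config, wan_ip):
    """Report the two conditions the article checks: SSL VPN on 443, VIPs on the WAN IP."""
    found = []
    port = re.search(r"^\s*set port (\d+)$", section(config, "vpn ssl settings"), re.M)
    if port and port.group(1) == "443":
        found.append("SSL VPN listens on port 443")
    vips = re.findall(r'^\s*edit "([^"]+)"\n(.*?)^\s*next$',
                      section(config, "firewall vip"), re.S | re.M)
    for name, body in vips:
        opts = dict(re.findall(r"^\s*set (\S+) (.+)$", body, re.M))
        if covers(opts.get("extip", "0.0.0.0").strip('"'), wan_ip):
            # A VIP without port forwarding maps every port of its external IP.
            ports = opts.get("extport", "?") if opts.get("portforward") == "enable" else "all"
            found.append(f"VIP {name} uses external IP {wan_ip} (ports: {ports})")
    return found
```

Call `find_conflicts(config_text, "<wan1 public IP>")` before requesting the certificate again; an empty list means neither condition from this article is present in the configuration.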
Related articles:
Troubleshooting Tip: ACME certificate provisioning
Troubleshooting Tip: FortiGate VM is unable to obtain Lets Encrypt Certificate