Technical Tip: How to obtain a Let's Encrypt SSL for a domain in FortiWeb with the True Transparent Proxy mode HTTP validation type

Prerequisite:

• Domain/FQDN must pointed to the FortiWeb.
• Domain/FQDN HTTPS/HTTP must be publicly accessible.

1. In FortiWeb, navigate to Server Objects -> Certificates -> Let’s Encrypt. Create a new Let’s Encrypt Certificate request.

2. Select the request type to use HTTP-01, whereby Let’s Encrypt will be validating the domain SSL request using the HTTP validation method. Insert the name and the domain name.

3. The Let’s Encrypt cert will be in the init state. Do not click the issue icon before adding the Let’s Encrypt cert in the Server Pool.

4. Navigate to the Server Pool where the Let’s Encrypt Domain/FQDN pointing to.

5. Select Let’s Encrypt as the Certificate Type. Then select the created Let’s Encrypt Cert.

6. Go back to the Let’s Encrypt certificate page. Select the Issue icon of the Let’s Encrypt cert.

7. Wait for a couple of minutes for Let’s Encrypt to validate the Domain/FQDN and issue the certificate. Refresh the page and the certificate status shall be updated. Use the troubleshooting guide from Troubleshooting Tip: 'Let's Encrypt' SSL troubleshooting in case if issue fails.

8. The successfully issued Let’s Encrypt SSL Certificate should show the Domain/FQDN browsing with the certificate as shown.

Related documents:

Let's Encrypt certificates

Troubleshooting Tip: 'Let's Encrypt' SSL troubleshooting