fioretti
New Contributor

FortiWeb & Let's Encrypt

Hi

I have to implement Let's Encrypt certificates on my FortiWeb 400E appliance.

For test purposes I managed to achieve it on my demo/test FortiWeb 400D, everything is fine.

On my production 400E I constantly get error logs:

Let's Encrypt failed to issue certificate due to error. type: urn:ietf:params:acme:error:unauthorized, detail: Invalid response from https://mydomain.com:443/...Z8c24reLuAUbCS5lhnNhAg [AA.BB.CC.DD]: 404

 

I figured out that the same log is on my internal web servers:

2021-10-21 10:56:09 10.21.100.63 GET /.well-known/acme-challenge/AgFHf9h8EJ74tf3u80DfkZ8c24reLuAUbCS5lhnNhAg - 4016 - 10.21.102.43 Mozilla/5.0+(compatible;+Let's+Encrypt+validation+server;++https://www.letsencrypt.org) http://mydomain.com/.well...Z8c24reLuAUbCS5lhnNhAg 404 0 0 22

So my conclusion is that FortiWeb passes the request from letsencrypt.org to the internal servers instead of processing it.

This behavior is not present with my test/demo 400D appliance.

Any ideas how to solve it?

 

tnx

jintrah_FTNT
Staff

Hi,

 

I see the error unauthorized, so once the authorization response is correct FortiWeb should be able to process it itself. Please check if GEO location US is blocked somewhere; you may follow Administration Guide | FortiWeb 6.4.0 | Fortinet Documentation Library and recreate the certificate again.

Best regards,

Jin
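
The diagnosis in the question (the Let's Encrypt validation request appears in the internal web server's log, so the device in front forwarded it instead of answering it) can be checked mechanically. The following is an added example, not part of the original thread and not Fortinet code: it scans a W3C-format web server log for ACME HTTP-01 challenge requests that reached the backend. The sample log, addresses and tokens are constructed, and the column layout is read from the `#Fields:` header rather than assumed.

```python
"""Flag ACME HTTP-01 validation requests that reached a backend web server."""
ACME_PREFIX = "/.well-known/acme-challenge/"

# Constructed sample in IIS W3C extended format (addresses and tokens are made up).
SAMPLE_LOG = """\
#Software: Microsoft Internet Information Services 10.0
#Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) cs(Referer) sc-status sc-substatus sc-win32-status time-taken
2021-10-21 10:55:58 10.0.0.10 GET /index.html - 80 - 10.0.0.1 Mozilla/5.0+(Windows+NT+10.0) - 200 0 0 15
2021-10-21 10:56:09 10.0.0.10 GET /.well-known/acme-challenge/EXAMPLE-TOKEN-1 - 80 - 10.0.0.1 Mozilla/5.0+(compatible;+Let's+Encrypt+validation+server;++https://www.letsencrypt.org) - 404 0 0 22
2021-10-21 10:56:11 10.0.0.10 GET /.well-known/acme-challenge/EXAMPLE-TOKEN-2 - 80 - 10.0.0.1 curl/7.79.1 - 404 0 0 9
"""

def parse_w3c(text):
    """Yield one dict per request, keyed by the most recent #Fields directive."""
    fields = []
    for line in text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split()[1:]
        elif line and not line.startswith("#") and fields:
            values = line.split()
            if len(values) == len(fields):  # skip truncated or malformed rows
                yield dict(zip(fields, values))

def forwarded_acme_challenges(text):
    """Return ACME challenge requests the backend saw (not answered upstream)."""
    hits = []
    for row in parse_w3c(text):
        stem = row.get("cs-uri-stem", "")
        if not stem.startswith(ACME_PREFIX):
            continue
        agent = row.get("cs(User-Agent)", "")
        hits.append({
            "time": f"{row.get('date')} {row.get('time')}",
            "proxy_ip": row.get("c-ip"),  # the device that forwarded the request
            "token": stem[len(ACME_PREFIX):],
            "status": int(row.get("sc-status", 0)),
            "from_lets_encrypt": "Let's+Encrypt+validation+server" in agent,
        })
    return hits

if __name__ == "__main__":
    for hit in forwarded_acme_challenges(SAMPLE_LOG):
        print(hit)
```

Any hit means the challenge path was passed through to the backend; the `proxy_ip` column shows which upstream device forwarded it.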
