Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Rvdplas-NL
New Contributor II

ACME certificate showing not secure

Followed the manual from this post: https://community.fortinet.com/t5/FortiGate/Technical-Tip-ACME-certificate-showing-not-secure/ta-p/1...

I Cannot find a way to forcing the letsencrypt certificate to be renewed with the correct url.

The post itself is correct, but needs some more steps..

 

1 Solution
Rvdplas-NL
New Contributor II

Solution is to create the cert from the CLI instead of the gui

View solution in original post

6 REPLIES 6
mhe
Contributor II

What error do you get?

Rvdplas-NL
New Contributor II

The browser states that the certificate is not legit (thats correct because it's still a staging certificate):

 (CN) (STAGING) Artificial Apricot R3
 (O) (STAGING) Let's Encrypt

 

mhe

in that case you have not adjusted "set acme-url" to the production URL

Rvdplas-NL
New Contributor II

Seems correct, but do i need to run a command to re request the certificate with the new acme-url ?

config vpn certificate local
edit "Test"
set password ENC hash
set comments "Renewed with ACME on Wed Jan 12 10:46:58 2022 (UTC)"
set range global
set enroll-protocol acme2
set acme-ca-url "https://acme-v01.api.letsencrypt.org/directory"
set acme-domain "*"
set acme-email "*"
set acme-renew-window 1
next
end 

Bai_Ganyo

Thank you for sharing the solution! 

Rvdplas-NL
New Contributor II

Solution is to create the cert from the CLI instead of the gui

Labels
Top Kudoed Authors