Hi
For those using FortiGate firewalls, please be aware that FortiOS 7.0 supports ACME certs now.
You can easily get a free Lets' Encrypt certificate in a few clicks; FortiOS will do the rest. This is useful for your admin web page or your SSL portal.
How to set it up: New Features | FortiGate / FortiOS 7.0.0 | Fortinet Documentation Library
Great integration!
Great news!
A question tho @tco, although I don't know if you're affiliated with Fortinet: I assume FortiOS will automatically renew the certificate each 60 days? Because this isn't mentioned in the documentation as far as I can see. And the use of "Import" in the sentence "Import an ACME certificate in the GUI" suggests a one-time thing to me.. So I'm in doubt.
Also, can the certificate also be used for other purposes other than securing the remote administrator access to the FortiGate?
Hi
There is a parameter called "Renew Window" when you setup the ACME client.
It is 30 days by default, See the doc file and screenshot.
SSL portal cert is the use case I have.
Bye
Ah, I seem to have missed that option!
So that's the amount of days between the expiry date and when FortiOS will start to try to renew, right?
Hi Osiris,
It looks like this what the doc says. But I haven't seen the renewal yet mysef.
https://docs.fortinet.com/document/fortigate/7.0.0/cli-reference/354620/config-vpn-certificate-local
Bye
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.