system certificate letsencrypt
Instead of uploading CA certificate from your local directory, an easier way is to configure FortiWeb to obtain a CA certificate from Let's encrypt on behalf of you.
It's recommended to configure Let's Encrypt certificate through Web UI, where more functions are offered. Refer to "Let's Encrypt certificates" in FortiWeb Administration Guide.
To use this command, your administrator account’s access control profile must have either w
or rw
permission to the admingrp
area. For details, see Permissions.
Syntax
show system certificate letsencrypt
config system certificate letsencrypt
edit "<certificate_name>"
set domain "<application_domain_name>"
set validation-method {HTTP-01 | TLS-ALPN-01 | DNS-01}
config subject-alternative-names
edit <index>
end
next
end
Variable | Description | Default |
Enter the name of a certificate file. The maximum length is 63 characters. | No default. | |
Enter the domain name of your application. FortiWeb will then retrieve the CA certificate for this domain from Let's encrypt. |
No default. | |
Set how soon FortiWeb obtains the SSL certificate from Let’s Encrypt. The valid range is 1-60 days. |
30 (days) |
|
|
HTTP-01 |
|
Enter domain names. Up to 10 items can be added and they all should belong to the same domain. |
No default. |