Let’s Encrypt certificate management

0 users found this article helpful


Let’s Encrypt is a global Certificate Authority (CA). This organization is nonprofit and does not charge any fees for their certificates.


• Publicly accessible domain that resolves to the HALB or Secure Gateway directly or through third-party load balancers.

• On the HALB and Secure Gateway, port 80 must be opened for incoming Let’s Encrypt requests.


To issue a new Let’s Encrypt certificate:

1 In the RAS Console, navigate to Farm > Certificates.

2 Click the Tasks drop-down menu and choose Let’s Encrypt.

3 Select the "I have read and accept Let's Encrypt EULA" option.

4 In the Expiration emails field list specify the email addresses that will receive notifications from Let’s Encrypt.

5 Optionally, change the time when certificates are renewed automatically in the Automatically renew certificates before expiration field.

6 Click OK.

7 Click the [+] button to the left of the Tasks drop-down list and choose Issue Let's Encrypt certificate.

8 In the Issue Let's Encrypt certificate dialog, specify the following:

• Name: Name of the certificate.

• Description: Description of the certificate.

• Usage: HALB and/or Secure Gateway.

• Key size: Key size.

Was this article helpful?

Tell us how we can improve it.