Let's Encrypt Certificates are completely 100% free certificates that are generated via an automated process designed to eliminate the current complex process of manual creation, validation, signing,
installation, and renewal of certificates for secure websites. Your PBX implements this same automated process.
If you have the Commercial (Full) Sysadmin module, you can specify that a 'LetsEncrypt Only' service listens on port 80. See the Port Management page for more information.
Let's Encrypt certificate creation and validation requires unrestricted inbound http access on port 80 to the Let's Encrypt token directories. If security is managed by the PBX Firewall module, this process
should be automatic. Alternate security methods and external firewalls will require manual configuration.
You can manually enable the custom firewall rule for allowing global access to Lets encrypt token directories by enabling LetsEncrypt Rules under Firewall Advanced settings tab through the GUI or by
running "fwconsole firewall lerules enable" from the CLI and the same can be disabled by disabling LetsEncrypt Rules from GUI or by running "fwconsole firewall lerules disable" from the CLI.
There are several required options to generate a Let's Encrypt Certificate