Skip to content

Latest commit

 

History

History
97 lines (66 loc) · 2.44 KB

acme_providers.md

File metadata and controls

97 lines (66 loc) · 2.44 KB
layout title nav_order parent description has_children
default
ACME Support
3
Concept & Overview
ACME support, challenges and providers
false

ACME providers

ACME protocol

The ACME protocol is defined in RFC8739. Let's Encrypt is the main provider and inventor of ACME based certificate issuing.

Let's Encrypt Production and Staging are included in certmgr.ntf. Additional providers can be added manually by specifying the ACME directory URL. You find the directory URLs listed for all tested providers.

Let's Encrypt Production

Let's Encrypt Production is most commonly used free certificate provider.

Main features

  • RSA 4096 and ECDSA NIST P-384 support
  • Wildcard certificates
  • Valid for 90 days
  • No registration required

Directory URL

https://acme-v02.api.letsencrypt.org/directory

Let's Encrypt Staging

Let's Encrypt Staging is intended for all type of test environments, not only for development. For new configurations Staging should always be your first test.

Main features

  • Designed for testing with higher certificate and error limits
  • Default configuration included in certstore.ntf
  • RSA 4096 and maximum ECDSA NIST P-384 support
  • Wildcard certificates
  • No registration required

Directory URL

https://acme-staging-v02.api.letsencrypt.org/directory

bypass

bypass a certificate provider from Norway offers free ACME based certificates and also commercial certificates.

Main features

Directory URL

https://api.buypass.com/acme/directory

ZeroSSL

ZeroSSL offers free ACME based certificates and also commercial certificates

Main features

  • RSA 4096 and maximum ECDSA NIST P-384 support
  • Wildcard certificates
  • Valid for 90 days
  • Requires registration and External Account Binding configured for the account on CertMgr side
  • No ACME account rollover
  • Certificate root is Comodo
  • Trusted root needs to be imported into certstore.nsf
    Import from Notes client cacerts.pem

Directory URL

https://acme.zerossl.com/v2/DV90