Back to resources

October 15, 2019

NewsCorporate PKIDevOpsEJBCA EnterpriseEnterprise

Automated Certificate Issuance and Management with ACME

ACME PrimeKey

In March 2019, Automatic Certificate Management Environment (ACME) protocol was published as an Internet Standard in RFC 8555 by the IETF working group.

One trend in Certificate Issuance and Management is automation. Automation enables more efficient processes and reduces human errors. ACME enables automation of the issuance, domain validation procedure (that an applicant for a certificate legitimately represents the domain name) and management of certificates. Thus, allowing servers and other infrastructure software to obtain certificates without any end-user interaction. The final outcome is that ACME simplifies the deployment of HTTPS in general and PKIX-based authentication for other protocols based on Transport Layer Security (TLS), ref [RFC 8555]*. PrimeKey EJBCA Enterprise announced support for ACME in October last year (2018). Since then, our customers have used ACME for requesting and renewing certificates for their Linux servers, for example, and their feedback to us is that this new automatic process has:

  • dramatically reduced time to provision applications and servers
  • minimized the risk of expiring certificates and
  • increased security posture by lowering the expiration period of certificates by automated frequent renewals

Up until now, EJBCA Enterprise has supported Draft 12 from the IETF ACME working group. With EJBCA Enterprise 7.3, we are now happy to announce that our implementation has been updated to fully support the final version of the ACME IETF standard, RFC 8555.

EJBCA Enterprise is available as software and hardware appliances, a service on AWS and you own Cloud instances in AWS and Azure. The complete list of supported ACME operations and workflow examples will be available with the coming release.

See also other standard based protocols and application programming interfaces (APIs) in EJBCA Enterprise that enable you to implement automated certificate issuance and management processes, SCEP, CMP, EST, ACME, Web Services and REST.

*https://tools.ietf.org/html/rfc8555

Related blog and news

W Hotel - Photo by Leyre on Unsplash
2022-12-09
News
About PrimeKey

Tech Days 2023 – See the full program

CybersecurityMadrid
2021-11-04
News
About PrimeKey

PrimeKey strengthens presence in France with new subsidiary

This website uses cookies

Cookies consist of small text files. They contain data that is stored on your device. To enable us to place certain types of cookies we need to obtain your consent. At PrimeKey AB, corp. ID no. 556628-3064, we use the following kinds of cookies. To read more about which cookies we use and storage times, click here to access our cookies policy.

Manage your cookie-settings

Necessary cookies

Necessary cookies are cookies that must be placed for basic functions to work on the website. Basic functions are, for example, cookies which are needed so that you can use menus on the website and navigate on the site.

Functional cookies

Functional cookies need to be placed on the website in order for it to perform as you would expect. For example, so that it recognizes which language you prefer, whether or not you are logged in, to keep the website secure, remember login details or to be able to sort products on the website according to your preferences.

Cookies for statistics

For us to measure your interactions with the website, we place cookies in order to keep statistics. These cookies anonymize personal data.

Cookies for ad-tracking

To enable us to offer better service and experience, we place cookies so that we can provide relevant advertising. Another aim of this processing is to enable us to promote products or services, provide customized offers or provide recommendations based on what you have purchased in the past.
Confirm choices Accept all