ACME Protocol: What it is and how it works

Automated Certificate Management Environments explained.

The ACME (Automated Certificate Management Environment) protocol was originally developed by the Internet Security Research Group for its public CA, Let’s Encrypt.

ACME is what facilitates Let’s Encrypt’s entire business model, allowing it to issue 90-day domain validated SSL certificates that can be renewed and replaced without website owners ever having to lift a finger.  

In March of this year the ACME protocol was finally published as an internet standard (RFC 8555) and now we’re starting to see commercial CAs support it. Including one of our biggest partners, Sectigo (formerly Comodo CA), which is currently beta testing its support for the protocol before a planned full launch this Summer.

Obviously – given the fact Sectigo offers business authentication SSL/TLS certificates in addition to other X.509 certificates like S/MIME, Code Signing, etc. – the use case for the ACME protocol is about to change quite a bit. But that’s to the benefit of corporate and enterprise clients with massive infrastructures and considerable digital certificate needs.

So, today we’re going to spend some time introducing the uninitiated to the ACME protocol, explaining what it does, how it works and why it’s going to change the way organizations manage their digital certificates forever.

Let’s hash it out.

The post ACME Protocol: What it is and how it works appeared first on Hashed Out by The SSL Store™.