Enabling and configuring ACME using TLS Protect

You can enable and configure the ACME service using TLS Protect.

NOTE  Before you do this, make sure that the ACME server component is installed. See Installing the ACME Service.

To enable and configure ACME

  1. From the TLS Protect menu, click Configuration> ACME.

  2. You will be prompted to Enable ACME?. Click Yes.

    Screen shot of the Enable Acme options with YES selected

  3. Under Create Certificates in, select the folder into which ACME Service certificates will be placed.

    IMPORTANT  A CA template must be assigned to the folder that you select. See Assigning a CA template to a policy folder.

  4. (Optional) Select Automatically create folders if they don't exist.

    • When selected, if a folder doesn't exist when the certificate's location is specified, a folder with that name will be created. In the certbot request's URL, the new folder's name cannot contain uppercase letters.
    • When cleared, certificate requests will fail if the folder doesn't already exist. An error message will be sent via certbot and an event will be logged in Trust Protection Platform. Certbot will display a similar message in the letsencrypt.log file.
  5. Type the ACME URL Hostname.

    NOTE  The default name is the fully qualified domain name (FQDN) of the engine. You have the option to change it here.

  6. When you're done, click Save.