Secardeo certACME is a proxy for the automatic registration of web server certificates using the ACME protocol (Automatic Certificate Management Environment). The lifetime of public TLS certificates, currently one year, is decreasing more and more, which is why automated certificate management is urgently required. The unavailability of web servers due to expired certificates can lead to massive financial damage. The ACME protocol is used to automate the interactions between certification authorities and web servers. It was developed for the free Let’s Encrypt CA service. However, many organizations prefer to use certificates from a commercial CA under a well-defined contract for public web servers. Or internal certificates from a Microsoft CA are used. certACME can be used to issue certificates from public certification authorities such as SwissSign or QuoVadis or an internal Microsoft CA. All certificates are stored in the central TOPKI certificate database. This ensures complete control over the certificates and auditable certificate management processes.
certACME can be easily integrated as a Microsoft IIS web application and acts as an ACME server for standard ACME clients. This validates the certificate requests using an HTTP request and forwards the Certificate Signing Request (CSR) to the connected public or private certification authority. CertACME optionally extends a CSR with company attributes such as organization, country, organizational unit. certACME stores all certificates in a local or central SQL database. certACME sends automatically configurable notifications to certificate managers and administrators.