Get a Quote   (408) 943-4100               TrueNAS Discord      VendOp_Icon_15x15px   Commercial Support Toggle between Light and Dark mode

Configuring ACME DNS

  2 minute read.

Last Modified 2022-05-09 15:05 EDT
This feature is only available in the open-source supported TrueNAS CORE.

Automatic Certificate Management Environment (ACME) is available for automating certificate issuing and renewal. The user must verify ownership of the domain before certificate automation is allowed.

ACME certificate automation requires an ACME DNS Authenticator and a Certificate Signing Request.

Adding ACME DNS Authenticators

Go to System > ACME DNS and click ADD.

SystemACMEDNSAdd

Name the authenticator, choose a DNS provider, and configure any required Authenticator Attributes:

The Route 53 Amazon DNS web service requires entering an Amazon account Access ID Key and Secret Access Key. See the AWS documentation for more details about generating these keys.

Click SUBMIT to register the DNS Authenticator and add it to the authenticator options for ACME Certificates.

Creating ACME Certificates

SystemCertificatesAddACMECertificate

You can create ACME certificates for existing certificate signing requests. The certificates use an ACME DNS authenticator to confirm domain ownership. Then, they are automatically issued and renewed.

To create a new ACME certificate, go to System > Certificates, click (Options) for an existing certificate signing request, and select Create ACME Certificate.

Give the ACME certificate an identifier (name), and accept the TOS by setting Terms of Service.

For the Authenticator, select the ACME DNS authenticator you created, then click SUBMIT.