Using ACME Certificates
2 minute read
Automatic Certificate Management Environment (ACME) is available for automating certificate issuing and renewal. The user must verify ownership of the domain before certificate automation is allowed.
To configure ACME certificate automation, you will need to add an ACME DNS authenticator to TrueNAS and have a Certificate Signing Request on the system.
ACME DNS Authenticators
Go to System > ACME DNS and click ADD.
Enter a name for the authenticator. This is only used to identify the authenticator in the TrueNAS web interface. Choose a DNS provider and configure any required Authenticator Attributes:
- Route 53: Amazon DNS web service. Requires entering an Amazon account Access ID Key and Secret Access Key. See the AWS documentation for more details about generating these keys.
Click SUBMIT to register the DNS Authenticator and add it to the list of authenticator options for ACME Certificates.
Creating ACME Certificates
ACME certificates can be created for existing certificate signing requests. These certificates use an ACME DNS authenticator to confirm domain ownership, then are automatically issued and renewed. To create a new ACME certificate, go to System > Certificates, click (Options) for an existing certificate signing request, and click Create ACME Certificate.
|Identifier||string||Internal identifier of the certificate. Only alphanumeric characters, dash (|
|Terms of Service||checkbox||Please accept the terms of service for the given ACME Server.|
|Renew Certificate Day||integer||Number of days to renew certificate before expiring.|
|ACME Server Directory URI||drop down||URI of the ACME Server Directory. Choose a preconfigured URI or enter a custom URI.|
|Authenticator for Domain Name (Domain Name dynamically changes)||drop down||Authenticator to validate the domain. Choose a previously configured ACME DNS authenticator.|
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.