ACME

Automatic Certificate Management Environment: the protocol used by Let's Encrypt and other CAs to issue and renew TLS certificates without human interaction.

ACME (Automatic Certificate Management Environment) is the protocol that lets a server prove it controls a domain and obtain a TLS certificate in a single automated workflow. The client (Certbot, acme.sh, Caddy, Traefik) generates a key pair, asks the CA for a challenge, satisfies it by serving a file at a well-known HTTP URL (http-01) or publishing a TXT record at `_acme-challenge.example.com` (dns-01), and receives the certificate. dns-01 is required for wildcard certificates and works even when port 80 is blocked. ACME is what makes free, 90-day, auto-renewed certs from Let's Encrypt operationally painless.

Reference

RFC 8555
Let's Encrypt: How It Works

Related terms

Certificate Authority
SSL/TLS Certificate
CAA Record
TXT Record

Referenced on

Choosing the Right TLD for Your Business: .com vs .io vs New gTLDs
How Expired Name Servers Become Domain Hijacking Vectors
SSL/TLS Error Codes Reference and Fixes

Back to the full glossary

Reference

Related terms

See also

Referenced on