SSL Certificate description
Never Worry About Expiring SSLs Again - Automate Your Certificates with ACME
Managing SSL certificates shouldn’t be a hassle. With Sectigo ACME (Automatic Certificate Management Environment) automation, you can eliminate manual installations, reduce human error, and ensure your certificates never expire. After a one-time simple setup, your Sectigo ACME Certificate-as-a Service (CaaS) certificate will be automatically managed and renewed in the background – so you can focus on running your business, not managing security.
Whether you’re securing a single website or an entire network, Sectigo ACME Certificate-as-a Service (CaaS) integrates directly with your infrastructure using ACME provisioning. Sectigo ACME CaaS is compatible with Linux, Windows, Kubernetes, cPanel, Plesk, and major web servers—integrating seamlessly with any ACME client for end-to-end SSL automation.
Sectigo ACME Certificate-as-a-Service (CaaS): Automate SSL Issuance, Renewal, and Deployment from Your Servers
Sectigo ACME Certificate-as-a-Service (CaaS) is the new way to consume public SSL certificates — pay per domain not per certificate. This modern service is designed for the proliferation of short-lived certificates and completely eliminates the manual work of issuing, installing, renewing, and deploying SSL certificates, no matter the certificate's validity period.
Built to work with the industry-standard ACME (Automatic Certificate Management Environment) protocol, Sectigo ACME CaaS allows your servers to connect directly with Sectigo's Certificate Authority (CA) to automatically deploy as many certificates as needed to ensure your domain (website) always stays secure. Very soon, all certificates will be 47-day certificates and you’ll be able to continually automate the entire certificate lifecycle with CaaS.
How it Works:
Once your server is configured with an ACME-compatible client, CaaS will:
- Automatically prove domain ownership (via HTTP-01 or DNS-01 challenges)
- Automatically request & install certificates as needed
- Automatically renew & replace certificates before expiration — no further manual work required after setup
This direct, server-to-CA communication ensures continuous encryption, eliminates renewal gaps, and reduces operational risk — without relying on calendar reminders or human intervention.
Built for Your Existing Infrastructure:
Sectigo ACME CaaS integrates with any environment that supports ACME clients, including:
- Linux and Windows servers
- Kubernetes clusters
- Control panels like cPanel and Plesk
- Major web servers (Apache, NGINX, IIS)
Whether you're securing a single website or an entire network, Sectigo ACME Certificate-as-a-Service (CaaS) delivers scalable, fully automated SSL management that adapts to any certificate validity period — even as lifespans continue to shrink.
Automation
SSL
| ACME Automation ACME Automation | Regular SSL Regular SSL | |||
|---|---|---|---|---|
| General Features | ||||
| General Features | ||||
| CSR Generation | ||||
CSR GenerationNormally, you have to generate it on your server or using an Online generator, entering Common name, Organization, City, State, Email, and Country. |
Automated | Manual | ||
| Private Key Generation | ||||
Private Key GenerationSame as with the CSR code |
Automated | Manual | ||
| Domain validation | ||||
Domain validationIn regular life, you upload validation file to your server every time, OR create DNS CNAME record or even validate via e-mail |
Automated | Manual | ||
| SSL Renewal | ||||
SSL RenewalWith Regular SSL, you create a new order, upload a validation file, receive new certificate files, and reinstall your certificate. ACME subscription? You don't care; you have full automation. |
Automated | Manual | ||
| SSL Installation | ||||
SSL Installation |
Automated | Manual | ||
-
Eliminate Manual Renewals
Never worry about tracking expiration dates or last-minute renewals again. Sectigo ACME CaaS automates SSL renewals, ensuring your certificates are always up to date without manual effort.
-
Reduce Downtime Risks
Expired certificates can cause costly service disruptions. Sectigo ACME CaaS eliminates this risk by automating SSL renewals, preventing downtime and security lapses. With ACME integration, your certificates will always be renewed before expiration, keeping your business online and protected.
-
Future-Proof Security
Stay ahead of evolving security standards with automated renewals for 90-day certificates. As shorter lifespans become the norm, Sectigo ACME CaaS ensures continuous protection and compliance without the need for manual intervention, keeping your encryption strong and always up to date.
-
Scale with Growth
Managing certificates (whether it’s 1 certificate or 1,000 certificates) doesn’t have to be complex. Sectigo ACME CaaS streamlines SSL deployment and lifecycle management, allowing you to scale effortlessly. Automate issuance, renewal, and revocation without increasing workload.
-
Easy Setup & Integration
Deploy SSL certificates effortlessly with step-by-step installation guidance tailored to your server environment and web server software. Just choose your website’s technical environment and we’ll walk you through a simple process to get your SSL certificate installed with just a few commands—no manual configuration.
Sectigo Certificate-as-a-Service is compatible with many different server/hosting environments, including:
- Web Servers - Compatible with web servers running NGINX, Apache, IIS, Caddy, and more
- VPS/Cloud Hostings – Works with any VPS hosting plan that provides you root/admin access, including AWS EC2, AWS Lightsail, DigitalOcean, Google Cloud Compute, Azure VM, GoDaddy VPS, Linode, and many others
- Containers - Works with Docker and Kubernetes
- Web Hosting Control Panels - Works with cPanel and Plesk (your hosting plan must enable SSH access)
Maximize efficiency, unlock revenue growth
We provide a powerful API that empowers our resellers to automate ACME and resell certificates with exceptional efficiency and ease.
-
What is Sectigo ACME Certificate as a Service (CaaS)?
Sectigo CaaS is a subscription-based service that automates SSL/TLS certificate management. It allows businesses to issue, renew, and manage SSL certificates effortlessly using the ACME protocol.
-
How does Sectigo ACME CaaS differ from traditional SSL certificates?
Sectigo ACME CaaS automates SSL certificate management using ACME, eliminating manual installation, renewal, and tracking. Unlike traditional SSL certificates, which require manual installation and expiration tracking, Sectigo ACME CaaS ensures continuous security with automatic renewals, reducing downtime risks and human error.
-
Which ACME clients are supported?
Sectigo ACME CaaS is compatible with any ACME-compatible client, including:
- Certbot – Recommended for Linux, Windows, and macOS environments
- acme.sh – A shell-based client suitable for advanced users
- Posh-ACME– Ideal for Windows PowerShell users
- win-acme – For Windows/IIS environments
- cert-manager – Designed for Kubernetes-based environments
-
Can I use Sectigo ACME CaaS without an ACME client?
No, Sectigo CaaS requires an ACME client for certificate issuance and management. Customers who need manual SSL installation should consider traditional SSL products.
-
Do I need full administrative access to my server or hosting environment?
In most cases, to use Sectigo ACME CaaS, you need administrative (root or sudo) access to your web server or cloud environment to install and manage SSL certificates. This service is best suited for:
- Self-hosted servers (Apache, NGINX, IIS)
- Cloud environments (AWS, Azure, Google Cloud)
- Kubernetes deployments
-
Can I use Sectigo ACME CaaS on shared hosting?
You can use Sectigo ACME CaaS if your hosting provider offers:
- SSH access – Needed to run ACME clients like Certbot or acme.sh.
- Custom SSL installation – Your hosting control panel (e.g., cPanel, Plesk) allows you to upload SSL certificates.
- Cron jobs or scheduled tasks – Enables automated ACME renewals.