Managing certificates for key pairs with ACME - PingAccess - 8.0

PingAccess

bundle
pingaccess-80
ft:publication_title
PingAccess
Product_Version_ce
PingAccess 8.0 (Latest)
category
Product
pa-80
pingaccess
ContentType_ce

The ACME protocol is an Internet Engineering Task Force (IETF) proposed standard protocol that automates the signing of TLS certificates by a certificate authority (CA)certificate authority (CA)CA An entity that issues digital certificates..

By default, the ACME certificate management option in PingAccess uses the staging Let’s Encrypt ACME CA.

Note:

The Let's Encrypt staging server, which PingAccess uses by default, has more lenient rate limits but it doesn't generate functional certificates, to support its use for testing purposes. For more information about rate limits, see the Let's Encrypt documentation.

After testing your environment, you must switch to a production server using the PingAccess administrative APIapplication programming interface (API) A specification of interactions available for building software to access an application or service..

  1. Use a GET call to /pa-admin-api/v3/acme/servers to retrieve the ID of a production server.
  2. Use a PUT call to /pa-admin-api/v3/acme/servers/default to set the production Let's Encrypt server as the default.

To add more ACME servers, use a POST call to /pa-admin-api/v3/acme/servers. For more information about the administrative API endpoints, see Administrative API endpoints.

To manage certificates with ACME:

  1. Click Security and then go to Key Pairs > Key Pairs.
  2. Click the Pencil icon, and then click Manage with ACME for the key pair.

    The ACME status changes to Pending. When the protocol has completed, the status changes to Valid if the protocol completed successfully.