Why ACME?
Chrome recently announced they are exploring a reduced maximum WebPKI certificate validity of 90 days to improve security, increase resiliency, and promote agility. By adopting ACME, you will be ready.
ACME is CA-neutral, which means that switching to another CA is as simple as changing a setting. This flexibility can be useful in cases of outages, distrust, or contractual obligations.
ACME's capability to work with both public and private PKI provides a unified solution for certificate lifecycle management. This means that you can have confidence that your services will always have the necessary certificates to ensure the uptime your customers demand.
ACME enables your CA to communicate planned revocation events before they take place, allowing your systems to obtain a replacement certificate automatically before the revocation takes place. This enables you to avoid downtime or after-hours support tickets.
Most certificate-related outages occur due to manual certificate issuance. By adopting ACME for certificate lifecycle management, you can eliminate the dependence on individuals to handle the mundane task of enrolling for certificates.