Account Key Settings¶
An ACME account key has the following settings:
- Name:
A short name for the key
- Description:
A longer string describing the key
- ACME Server:
The ACME server to which this key will be registered by the package.
Available servers include:
- Let’s Encrypt Staging ACMEv2:
Use this server when testing the certificate validation process. Does not produce publicly trusted certificates.
- Let’s Encrypt Production ACMEv2:
Use this server for trusted production certificates.
- ZeroSSL:
Certificates issued by the ZeroSSL service.
- SSL.com RSA/ECC:
Certificates issued by SSL.com either with RSA or ECC keys.
- Google ACMEv2:
Certificates issued by Google, either for staging/testing or production.
The selection list also includes Custom ACME servers.
- E-Mail Address:
An e-mail address to which the service might send important communications about the account or certificates.
Note
The Let’s Encrypt service no longer sends expiration notices for certificates via e-mail. They still send announcements to this address, such as when certificate features are added or deprecated.
- Account Key:
The RSA private key for this entry. To create a new key, click
Create new account key.
Key Registration¶
Click Register ACME account key to register the account key with
the selected ACME server. This registration may happen automatically while
issuing or renewing a certificate, but doing so manually allows the user to
ensure the registration process is working before attempting validation.
Warning
The Let’s Encrypt service does not require any special registration steps, the above procedure will work as written with that service.
Some ACME servers have manual key validation and/or registration procedures which must be performed before attempting to issue a certificate. Check with the provider before creating a key.