Account Key Settings

An ACME account key has the following settings:

Name:

A short name for the key

Description:

A longer string describing the key

ACME Server:

The ACME server to which this key will be registered by the package.

Available servers include:

Let’s Encrypt Staging ACMEv2:

Use this server when testing the certificate validation process. Does not produce publicly trusted certificates.

Let’s Encrypt Production ACMEv2:

Use this server for trusted production certificates.

ZeroSSL:

Certificates issued by the ZeroSSL service.

SSL.com RSA/ECC:

Certificates issued by SSL.com either with RSA or ECC keys.

Google ACMEv2:

Certificates issued by Google, either for staging/testing or production.

The selection list also includes Custom ACME servers.

E-Mail Address:

An e-mail address to which the service might send important communications about the account or certificates.

Note

The Let’s Encrypt service no longer sends expiration notices for certificates via e-mail. They still send announcements to this address, such as when certificate features are added or deprecated.

Account Key:

The RSA private key for this entry. To create a new key, click fa-plus Create new account key.

Key Registration

Click fa-key Register ACME account key to register the account key with the selected ACME server. This registration may happen automatically while issuing or renewing a certificate, but doing so manually allows the user to ensure the registration process is working before attempting validation.

Warning

The Let’s Encrypt service does not require any special registration steps, the above procedure will work as written with that service.

Some ACME servers have manual key validation and/or registration procedures which must be performed before attempting to issue a certificate. Check with the provider before creating a key.