Implementing Keyfactor ACME

As a high-level overview, the workflow to implement Keyfactor ACME is as follows:

  1. Complete the preparation steps (see Preparing).
  2. Run the KeyfactorACME.msi installer. This can be, but does not need to be, on the same server on which Keyfactor Command is installed (see Installing Keyfactor ACME).
  3. Run the configuration tool (KeyfactorACMEConfig.exe) Configure command with appropriate configuration for your environment (see The Configure Command).
  4. Run the configuration tool (KeyfactorACMEConfig.exe) Identifiers command with appropriate configuration for your environment (see Validators and the Identifiers Command).
  5. Run the configuration tool (KeyfactorACMEConfig.exe) Claims command with appropriate configuration for your environment (see The Claims Command).
  6. Create EAB keys for your users (see GET KeyManagement).
  7. Configure metadata, if desired (see ACME Metadata).
  8. Install Certbot or the ACME client of your choice (if not already installed).
  9. Register an account for your ACME client with the Keyfactor ACME server (for Certbot, see Get an Account).
  10. Include a call to Certbot using the Keyfactor ACME account in any server scripts that require certificate orders (see ACME Client—Certbot).
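
As an added example (not from the Keyfactor documentation), the following sketch shows one way a server script could handle steps 6, 9 and 10: it stores the EAB credentials in a Certbot configuration file readable only by its owner, so the HMAC key never appears on a command line, and prints the register and order commands that use it. The function names, the ACME directory URL, the credential values and the choice of the standalone authenticator are assumptions; use the values and validation method configured for your environment.

```bash
#!/usr/bin/env bash
# Added example, not Keyfactor's code. Function names are hypothetical and
# every URL, key and domain passed in is a placeholder you must replace.
set -euo pipefail

# Write a Certbot config file holding the ACME server URL and EAB credentials.
# A 0600 file keeps the HMAC key out of the process list and shell history.
write_certbot_ini() {
  local ini="$1" server="$2" kid="$3" hmac="$4" email="$5"
  case "$server" in
    https://*) ;;
    *) echo "refusing non-HTTPS ACME directory URL: $server" >&2; return 1 ;;
  esac
  if [ -z "$kid" ] || [ -z "$hmac" ]; then
    echo "EAB key ID and HMAC key are both required" >&2
    return 1
  fi
  ( umask 077   # new file is created without group/other access
    cat > "$ini" <<EOF
server = $server
eab-kid = $kid
eab-hmac-key = $hmac
email = $email
agree-tos = true
non-interactive = true
EOF
  )
  chmod 600 "$ini"   # tighten the mode if the file already existed
}

# Print the two Certbot invocations a server script would run: a one-time
# account registration, then a certificate order. The standalone
# authenticator is an assumption; pick the one matching your validators.
certbot_commands() {
  local ini="$1" domain="$2"
  printf 'certbot register --config %s\n' "$ini"
  printf 'certbot certonly --config %s --standalone -d %s\n' "$ini" "$domain"
}

# Usage (placeholders):
#   write_certbot_ini /etc/letsencrypt/keyfactor.ini \
#     "https://ACME-SERVER-PLACEHOLDER/directory" "EAB-KID" "EAB-HMAC" "admin@example.invalid"
#   certbot_commands /etc/letsencrypt/keyfactor.ini www.example.invalid
```
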