Using ACME to Apply for SSL Certificates for Hosts

ServBay supports using the ACME protocol to automatically apply for SSL certificates for hosts, providing a convenient and secure way to manage SSL certificates. ServBay offers a robust ACME management panel to simplify the process of obtaining ACME certificates.

TIP

By default, ServBay will first attempt to issue certificates using ZeroSSL. You can choose to use Let's Encrypt or Google Trust Services.

Prerequisites

ServBay applies for ACME certificates via DNSAPI, a more straightforward method that doesn’t require your website to be accessible on the internet.

Before applying for SSL certificates using ACME, please ensure the following prerequisites are met:

1. Acquire the API Key from your domain registrar: During the ACME application process, domain records for verification will be automatically added, so modification of the domain is required. To view supported DNS providers and how to obtain the API KEY, please visit How to get DNS API KEY.
2. Obtain EAB Information: If you are using Google Trust Services, you need to obtain the EAB information from Google Cloud.

Applying for SSL Certificates with ACME in ServBay

1. Open the ServBay Management Panel

   Launch the ServBay app and enter the management panel.

2. Enter the SSL Certificate Management Panel

   In the management panel, select the SSL Certificates option.

3. Click the + Symbol at the Top Right

   Click the + symbol to apply for a new certificate.

4. Enter Certificate Name and Select the Issuance Type

   Input an identifier for the certificate, select TLS/SSL under Usage, and choose ACME under Request Method.

5. Select the Issuer

   Choose the certificate issuer. The default is ZeroSSL, but you can also select Let's Encrypt or Google Trust Services. Here, we use ZeroSSL as an example.

6. Select DNS API Provider

   Choose the DNS service provider where your domain resides (it may not necessarily be your domain registrar, especially if your domain is not using the default DNS of the registrar); in this case, we use Cloudflare as an example.

7. Select the Certificate Issuance Algorithm

   We recommend using ECC to issue certificates. Compared to RSA, ECC certificates offer higher security, shorter data packets, which can effectively improve site performance and reduce bandwidth.

   The default key length is 384.

8. Set Verification Information

   In the input box, enter your email address for ZeroSSL. Also, input the API information for Cloudflare.

WARNING

Note: Do not input export before the API information.

9. Set Domain Name

   Enter your domain name (e.g., servbay.demo) in the domain field.

10. Start Application

    After filling in the information above, click the Request button to start applying for the SSL certificate.

Using the Certificate

Once you have successfully applied for an ACME certificate, you can use the certificate in Websites.

How to Renew SSL Certificates Applied Through ACME

Generally, SSL certificates applied for using ACME are valid for three months. ServBay will automatically renew certificates that are nearing expiration.

In normal circumstances, users do not need to manually renew certificates.

Summary

By using the ACME method, you can automatically apply and configure SSL certificates in ServBay. This approach simplifies the certificate management process and ensures that your website always uses the latest SSL certificate.

We hope this article helps you successfully configure SSL certificates using the ACME method and ensures your website remains secure and reliable.