ACME or the Automated Certificate Management Environment, is a protocol that was designed several years ago to automate certificate lifecycle management. It was originally created by the Internet Security Research Group (ISRG) for use by the open-source certificate  authority, Let’s Encrypt.  

At the time, it was a necessary innovation owing to the fact Let’s Encrypt SSL/TLS certificates were valid for just 90 days, and would need to be replaced at least four times per year. That was different from other commercial CAs who – in abidance with the CA/Browser Forum Baseline Requirements – were issuing certificates with a maximum validity of 13 months (397 days). 

Well, that’s all about to change. Following the CA/B Forum face-to-face meetings held in early March 2023, Google announced its intention to reduce maximum certificate validity to just 90 days for all publicly-trusted SSL/TLS certificates.  

While there is not yet an effective date or deadline for this change – now is the time to begin planning automation of your certificate lifecycle management for SSL/TLS.  This blog discusses how important - and easy it is - to automate and manage certificate life cycles from beginning to end.