This project enables you to use an ACME (RFC 8555) compliant client to request certificates via Microsoft® Windows® Server Active Directory Certificate Services.
The ACME (RFC 8555) protocol is famously used by Let's Encrypt®, so there are a number of clients that can be used to obtain certificates.
If you are into PowerShell, you can e.g. use my open source module ACME-PS.
The server currently supports server certificate issuance and is able to handle http-01, dns-01 and tls-alpn-01 challenges. For issuing client certificates it supports device-attest-01 challenges, which are currently in draft state and thus 'experimental'. It needs a Microsoft ADCS for certificate issuance that allows auto-enrollment for the template used with the server.
Please be advised that this project is NOT free for commercial use, but you may test it in any company and use it for your personal projects as you see fit. Please refer to the LICENSE file for details.
To obtain a license for commercial use, please contact me via e-mail.
Buying the license does not include maintenance; nevertheless, I also provide maintenance contracts. If you need one, or you need help getting the service up and running, please use the e-mail address above.
The software is provided "as is", without warranty of any kind.
- ACME (RFC 8555) compliant server for certificate issuance
- Certificate issuance via Microsoft® Windows® Server Active Directory Certificate Services
- Challenge types:
  - http-01
  - dns-01
  - tls-alpn-01 (RFC 8737)
  - device-attest-01 (experimental, until standardized, Apple only currently, more Information)
- ExternalAccountBinding (EAB) support (more Information)
- Identifier types:
- Profiles 'automatic' and 'client selected', which allow you to define different settings for different identifiers, e.g. different templates or CA servers.
- CAA validation as well as method binding (RFC 8657)
This guide will help you to get started with ACME-ADCS to issue certificates via Microsoft® Windows® Server Active Directory Certificate Services (ADCS) using the ACME protocol.
For instructions on how to get ACME-ADCS 2.1 up and running, please refer to the Readme of that version.
This project uses software licensed under the MIT license: