Enable ACME Issuance

This health check ensures that ACME (Automatic Certificate Management Environment) is enabled in mounts that use intermediary issuers. Enabling ACME is a best practice for supporting automated certificate issuance and a self-rotating PKI infrastructure.

Health Check Name: enable_acme_issuance

Accessed APIs

Method

Endpoint

Description

READ

/config/acme

Checks ACME configuration settings

READ

/config/cluster

Verifies cluster configuration

LIST

/issuers (unauthenticated)

Lists available certificate issuers

READ

/issuer/:issuer_ref/json (unauthenticated)

Fetches ACME details for a specific issuer

Configuration Parameters

Parameter

Description

(None)

This check does not require configurable parameters.

Health Check Results

Condition

Status Level

ACME is not enabled on a mount with an intermediary issuer

Informational

ACME support is not mandatory, but enabling it is strongly recommended for operational efficiency and certificate lifecycle automation.

Recommended Actions

Enable ACME on the appropriate mount:
Ensure the mount contains an intermediary issuer, as ACME issuance is typically tied to such issuers.
Test ACME endpoints using tools like curl or an ACME client (e.g., Certbot) to verify correct setup.

PreviousToo Many Certificates NextACME Response Headers Configuration

Last updated 3 months ago

Was this helpful?