Enable ACME Issuance
This health check ensures that ACME (Automatic Certificate Management Environment) is enabled in mounts that use intermediary issuers. Enabling ACME is a best practice for supporting automated certificate issuance and a self-rotating PKI infrastructure.
Health Check Name: enable_acme_issuance
Accessed APIs
READ
/config/acme
Checks ACME configuration settings
READ
/config/cluster
Verifies cluster configuration
LIST
/issuers (unauthenticated)
Lists available certificate issuers
READ
/issuer/:issuer_ref/json (unauthenticated)
Fetches ACME details for a specific issuer
Configuration Parameters
(None)
This check does not require configurable parameters.
Health Check Results
ACME is not enabled on a mount with an intermediary issuer
Informational
ACME support is not mandatory, but enabling it is strongly recommended for operational efficiency and certificate lifecycle automation.
Recommended Actions
Enable ACME on the appropriate mount:
Ensure the mount contains an intermediary issuer, as ACME issuance is typically tied to such issuers.
Test ACME endpoints using tools like
curlor an ACME client (e.g., Certbot) to verify correct setup.
Last updated
Was this helpful?