Ideally, that means using APIs or workflows that leverage the Automatic Certificate Management Environment (ACME) protocol. ACME is an open standard that enables automated interactions between certificate authorities and servers, allowing certificates to be requested, issued, renewed, and replaced programmatically.
“Certificates are issued, deployed, and validated automatically across environments, whether that’s cloud load balancers, Kubernetes clusters, or on-prem gateways,” Clay says. “The goal is to make renewal a background process, not an emergency project, but always supported by communication and accountability.”
Vira Tkachenko, chief technology and innovation officer at MacPaw, agrees. She explains that her team is using ACME to automate certificate renewals in environments where it is supported, such as their Cloudflare setup and virtual servers with Let’s Encrypt. In areas where ACME is not yet available, they are in the process of establishing a centralized certificate inventory to maintain visibility and prevent unexpected expirations.
