ACME requirements
You must meet the following requirements to automate ACME enrollment with a PKIaaS gateway.
PKIaaS account requirements
You need an Entrust PKIaaS account with privileges to create an issuing certificate authority.
Certificate authority requirements
Make sure you have a subordinate CA with a profile of the privatessl group. You can either:
- Create a new CA with this group, as explained in Creating an issuing subordinate CA.
- Add this group to an existing CA, as explained in Selecting CA profiles.
TLS Cipher requirements
Enrollment URLs support the following TLS Ciphers.
ECDHE-RSA-AES128-GCM-SHA256ECDHE-RSA-AES256-GCM-SHA384