...
There are two options for using ACME with HARICA
| Enterprise Admin | Available in all accounts | TLS OV | instead of ACME challenges, the validations in CertManager (in the list of domains) are used | (sub)domains both with include and exclude configurable in CertManager |
| Enterprise User (End Users) | Can be switched on manually (see below) | TLS DV | user must always do an ACME challenge (http or dns) for domain validation | all domains within the Enterprise |
A domain MUST have been added to the Enterprise before ACME can be used for that domain.
...
- Once the account is created, you need to define the scope of domains. To do this, select the account and go to the "Domains" tab:
- After this, use the EAB credentials under "Details" in your favorite ACME client or communicate them via a secure channel to the administrator who will be working with them.
ACME for End Users
This is an additional implementation of ACME, which has functionally similar to Let's Encrypt: end users are given access (with a personal HMAC key) to an ACME server on which they can request certificates, as long as they can perform DCV during the ACME transaction.
...