SIGNIFLOW

Discover our signature platform: sign and request signature for your PDFs in a fex clicks!

JOIN OUR AFFILIATE NETWORK

Join our affiliate network
and become a local SSL expert
Learn more about our program

PRODUCTS TO DISCOVER

SSL certificates Invoice signature eIDAS certificates Signature software

Menu
picture of tbs certificates
picture of tbs certificates
Certificates
ALL CERTIFICATES
SSL Extended Validation SSL Standard RGS certificates eIDAS certificates SSL ECC SSL wildcard SSL Multiple sites / SAN Quick and Dirty SSL
Specific certificates VMC certificates
E-signature Strong authentication S/MIME certificates
Test certificates PKI Solutions Trust Seals
SigniFlow: the platform to sign and request signature for your documents
Signature software
Our products range
TBS X509 DigiCert Thawte Sectigo GlobalSign GeoTrust Certigna ChamberSign SigniFlow Harica
Partners
Client login Customer accounts Open an account
Support
FAQ SHA256: Browsers' compatibility ECC: Browsers' compatibility
Focus
Invoices dematerialization
We now provide solutions compliant with RGS** and eIDAS qualified standards for invoices signature and time stamping. Further information


ACME offer by DigiCert

DigiCert ACME offer allows you to automate both public and private OV and EV certificates by using your preferred third-party ACME client.

How to access the tool?

ACME is available (in Beta version) on all TBS Certificates Centers.

The pre-requisites

To use ACME you'll have to set up a pre-validation first.

One pre-validation is required for each organization/certificate type (DV, OV, EV) couple for which you'll need to order ACME certificates.

You'll also have to implement and configure a third-party ACME protocol of your choice before using the tool.

Finally you should preferably prepare your Apache HTTP configuration before placing your first ACME order.

How does it work?

Once all the requirements are met, go on the ACME section of your Certificate Center.

ACME URL

The first step is to create an ACME URL or access point:

Creation of an ACME access point

Give a friendly name to your access point, select the relevant product and organization and click on "Creation of an ACME access point".

A URL can be invalidated at any time.

Once it is done, the credentials needed for your preferred ACME client to communicate with the DigiCert cloud (KID value and HMAC key) are displayed as long as an example of command to order a certificate:

ACME credentials

Warning: The credential are only displayed once at the moment they are created. Save those values to be able able to order certificates. If you ever lose your ACME URL details, you'll need to revoke the lost URL and generate a new one.

A unique path ("directory" parameter) must also be created for each ACME URLs.

Your ACME URLs are then displayed:

List of ACME URLs

The order

You can now order certificates!

To do so, execute the command displayed in the exmaple above.

The certificates delivered by ACME are also displayed on the page:

List of ACME certificates

Note: the tool does not allow to revoked certificates issued by ACME yet.

Once the tool is ready you can configure crons that will handle automatic renewals of your ACME certificates.

For which products?

It is only possible to create access points for Thawte SSL OV & EV, Geotrust TrueBusiness ID OV & EV and DigiCert Secure Site OV & EV certificates. It is not possible to request DV or wildcard certificates or wildcard SANs) via ACME.

Only 1 year valid certificates (not the plan offers) are available on ACME.

The invoicing

ACME certificates prices are debited from the account balance just like a normal order for Deposit accounts. They benefit from the same negotiated prices. For Bulk Purchase and Rebate accounts, tokens are debited.

Note: the account must be creditor to accept ACME orders. They are not charged in realtime, but "from time to time".

Likewise, Bulk Purchase and Rebate accounts must have tokens available to pass order.

In the Certificate Center

Your ACME certificates are easily accessible from the ACME section of your Certificate Center but are also displayed in the "classic" other sections. They are identifiable by their TBS reference starting with "DCACME-".

Further information

There are some particularities to the ACME certificates:

  • their anniversary dates are lost during renewal
  • their validity period is defined by the CA/B Forum (13 month maximum for now)
  • ACME certificates benefit from the 30 days "Money back guarantee". The refund requests will have to be done via the certificate status page.

ACME clients

There are several ACME clients available from which you can make a choice according to your needs and constraints. You'll find a non-exhaustive list here.

What's next?

In the few next weeks, you'll be able to revoke your ACME certificates from their status page.