Sectigo Apache ACME integration overview

Apache version 2.4.30 and later supports ACME integration with CA via the mod_md module for automatic certificate management of Apache virtual hosts. This module manages common properties of domains for one or more virtual hosts.

The module serves two main purposes:

  • Enrolls/renews certificates via the ACME protocol (RFC 8555). Certificates are renewed by the module ahead of their expiration to prevent disruption in internet services. You can monitor the status of all certificates and configurations that run your own notification commands on renewal, expiration, and errors.

  • Adds support for External Account Binding (EAB) in mod_md to extend support to CAs that require EAB values for an ACME account registration with their respective ACME servers. The EAB feature is supported in Apache starting with version 2.4.48 and in mod_md starting with version 2.4.9.

Audience

This document is intended for security administrators and system administrators who manage Apache Server for an organization.

Scope

This document contains instructions for enrolling and managing Sectigo certificates on the Apache server’s virtual hosts. Setting up the Apache server is out of the scope of this document.