Learn how to automatically provision and manage TLS certificates using ACME Certificate Authorities like Let’s Encrypt with Infisical PKI.
_acme-challenge.<YOUR_DOMAIN>
with a value derived from the challenge token.
Set Up AWS Connection with Required Permissions
YOUR_HOSTED_ZONE_ID
with your actual Route53 hosted zone ID. For detailed instructions on setting up an AWS connection, see the AWS Connection documentation.
Register ACME Certificate Authority
Create ACME CA
https://acme-v02.api.letsencrypt.org/directory
for Let’s Encrypt).
Verify ACME CA Registration
Create Subscriber for ACME CA
example.com)
Issue Certificate
Use Certificate in Your Applications
https://acme-v02.api.letsencrypt.org/directory
https://acme-staging-v02.api.letsencrypt.org/directory
What DNS validation methods are supported?
Can I use wildcard certificates with ACME CAs?
*.example.com) when using DNS-01 validation. Simply specify the wildcard domain in your subscriber configuration. Note that wildcard certificates still require DNS-01 validation - HTTP-01 validation cannot be used for wildcard certificates.
How long are ACME certificates valid?
Can I use multiple ACME providers?