GlobalSign Adds ACME Support for Internal Domain Certificate Issuance

BOSTON--(BUSINESS WIRE)--GMO GlobalSign, Inc., a global Certificate Authority (CA) and leading provider of identity security, digital signing and IoT solutions, today announced updates to its Automated Certificate Management Environment (ACME) service for internal domain certificates, enabling customers to issue GlobalSign IntranetSSL certificates through its ACME service.

ACME is an internet protocol designed to enable enterprises to communicate with a CA like GlobalSign to automate important lifecycle functions for TLS certificates at a low cost and high speed. With the introduction of this upgrade, GMO GlobalSign, Inc. is unlocking a capability that has not been easily achieved by most organizations: the ability to issue certificates via ACME for internal/non-public domains using unofficial domain suffixes, such as .internal or .lan. Organizations might use these internal domains for development networks or other non-production environments; they are also leveraged for private device networks and Active Directory domains (though recommended practice for AD domains is to use a subdomain of a publicly registered domain controlled by your organization).

“Some users choose self-signed certificates, however, that requires an understanding of your organization’s Public Key Infrastructure (PKI), but not every business employs these specialists,” said Julie Gaunt, product manager, GMO GlobalSign, Inc. “Because we are a publicly trusted, WebTrust audited certificate authority, we have domain expertise that is now being paired with ACME. By automating the issuance and renewal of non-public TLS certificates, organizations can be confident that internal endpoints will maintain encryption standards and meet internal compliance mandates, preventing unauthorized access, data breaches and potential disruptions to operations.”

Further updates to GlobalSign ACME service include subdomain validation re-use, support of the ACME KeyChange endpoint, and backend ACME Nonce updates. By leveraging ACME's inbuilt capabilities, subdomain validation reuse removes the requirement for domain validation for subdomains so long as the parent domain has already been verified. In addition, the ACME Nonce update enables our ACME service to handle more certificate requests than ever before. In total, these updates will better serve our customers and improve user experience.

About GlobalSign ACME Service

GlobalSign ACME service is critical for today’s certificate lifecycle management marketplace due to shortening certificate lifespans. Because many companies lack experts in PKI, there is an urgent need to ensure that companies can automate the process of getting certificates to reach their intended endpoints.

The strength of GlobalSign ACME service lies in the communication between an ACME client requesting a certificate from an ACME server for the automation of the most important certificate lifecycle management (CLM) functions. GlobalSign ACME for IntranetSSL empowers small and medium enterprises to automate the certificate issuance process for internal endpoints or any type of web server that is restricted from public internet use.

Powered by GlobalSign Digital Identity Platform, Atlas, ACME offers organizations seamless certificate management automation. Comprehensive administration capabilities for publicly trusted DV and OV certificates allows for the automatic issuance and renewal To learn more about GMO GlobalSign’s ACME capabilities, visit, https://www.globalsign.com/en/acme-automated-certificate-management

About GMO GlobalSign

As one of the world’s most deeply-rooted certificate authorities, GMO GlobalSign is the leading provider of trusted identity and security solutions enabling businesses, large enterprises, cloud-based service providers, and IoT innovators worldwide to conduct secure online communications, manage millions of verified digital identities and automate authentication and encryption. Its high-scale Public Key Infrastructure (PKI) and identity solutions support the billions of services, devices, people, and things comprising the IoT. GMO GlobalSign is a subsidiary of GMO GlobalSign Holdings, K.K., a member of the Japan-based GMO Internet Group, has offices in the Americas, Europe and Asia. For more information, visit https://www.globalsign.com.