ACME Server ADCS
ACME (RFC 8555) compatible implementation, connecting to Active Directory Certificate Services (ADCS)
This project enables you to use an ACME (RFC 8555) compliant client, to request certificates via Microsoft® Windows® Server Active Directory Certificate Services. The ACME (RFC 8555) protocol is famously used by Let's Encrypt® and thus there's a number of clients that can be used to obtain certificates. If you are into PowerShell, you can e.g. use my open source module [ACME-PS](https://www.powershellgallery.com/packages/ACME-PS/). The project is written primarily in C#, distributed under the Other license, first published in 2020. Key topics include: acme, acme-server, acme-v2, certificate, client-certificate.
ACME-ADCS-Server
This project enables you to use an ACME (RFC 8555) compliant client, to request certificates via Microsoft® Windows® Server Active Directory Certificate Services.
The ACME (RFC 8555) protocol is famously used by Let's Encrypt® and thus there's a number of clients that can be used to obtain certificates.
If you are into PowerShell, you can e.g. use my open source module ACME-PS.
The server currently supports server certificate issuances and is able to handle http-01, dns-01 as well as tls-alpn-01 challenges.
For issuing client certificates it supports device-attest-01 challenges, which is currently in draft state and thus 'experimental'.
It needs an Microsoft ADCS for certificate issuance, that allows auto-enrollment for the template used with the server.
License
Please be advised that this project is NOT free for commercial-use, but you may test it in any company and use it for your personal projects as you see fit, please refer to the LICENSE file for details.
To obain a license for commercial-use, please contact me via e-mail.
Buying the license does not include maintenance, nevertheless I also provide maintenance contracts. If you need one or you need help in getting the service up and running, please use the e-mail-address above.
The software is provided "as is", without warranty of any kind.
Implemented features
- ACME (RFC 8555) compliant server for certificate issuance
- Certificate issuance via Microsoft® Windows® Server Active Directory Certificate Services
- Challenge types:
- ExternalAccountBinding (EAB) support (more Information)
- Identifier types:
- Profiles 'automatic' and 'client selected', which allow to define different settings for different identifiers, e.g. different templates or CA servers.
- CAA validation as well as method binding (RFC 8657)
Quickstart Guide for ACME-ADCS
These pages will help you to get started with ACME-ADCS to issue certificates via Microsoft® Windows® Server Active Directory Certificate Services (ADCS) using the ACME protocol.
V3.0 Docs
For instructions on how to get ACME-ADCS 2.1 up and running, please refer to the Readme of that Version.
Acknowledgements
This project uses software licensed under the MIT license:
Contributors
Showing top 5 contributors by commit count.
![dependabot[bot]](https://avatars.githubusercontent.com/in/29110?v=4)
Related Repositories
caddyserver/caddy
Fast and extensible multi-platform HTTP/1-2-3 web server with automatic HTTPS
acmesh-official/acme.sh
A pure Unix shell script ACME client for SSL / TLS certificate automation
certbot/certbot
Certbot is EFF's tool to obtain certs from Let's Encrypt and (optionally) auto-enable HTTPS on your server. It can also act as a client for any other CA that uses the ACME protocol.
Infisical/infisical
Infisical is the open-source platform for secrets, certificates, and privileged access management.
mailcow/mailcow-dockerized
mailcow: dockerized - 🐮 + 🐋 = 💕
go-acme/lego
Let's Encrypt/ACME client and library written in Go