Automated Certificate Management Environment for Subdomains
RFC 9444, “Automated Certificate Management Environment for Subdomains”, is a Proposed Standard document published in August 2023 by O. Friel, R. Barnes, T. Hollebeek, M. Richardson. The canonical text is published by the RFC Editor.
Abstract
This document specifies how Automated Certificate Management Environment (ACME) can be used by a client to obtain a certificate for a subdomain identifier from a certification authority. Additionally, this document specifies how a client can fulfill a challenge against an ancestor domain but may not need to fulfill a challenge against the explicit subdomain if certification authority policy allows issuance of the subdomain certificate without explicit subdomain ownership proof.
What “Proposed Standard” means
An entry-level standards-track specification: stable, peer-reviewed and a solid basis for implementation, though it may still evolve before becoming an Internet Standard.
The canonical text of RFC 9444 is hosted at rfc-editor.org. Available in HTML,TXT,PDF,XML.
- RFC 9443 Multiplexing Scheme Updates for QUIC
- RFC 9445 RADIUS Extensions for DHCP-Configured Services
- RFC 9442 Static Context Header Compression over Sigfox Low-Power Wide Area Network
- RFC 9446 Reflections on Ten Years Past the Snowden Revelations
- RFC 9441 Static Context Header Compression Compound Acknowledgement
- RFC 9447 Automated Certificate Management Environment Challenges Using an Authority Token
- RFC 9440 Client-Cert HTTP Header Field
- RFC 9448 TNAuthList Profile of Automated Certificate Management Environment Authority Token