Internet X.509 Public Key Infrastructure -- HTTP Transfer for the Certificate Management Protocol
RFC 9811, “Internet X.509 Public Key Infrastructure -- HTTP Transfer for the Certificate Management Protocol”, is a Proposed Standard document published in July 2025 by H. Brockhaus, D. von Oheimb, M. Ounsworth, J. Gray. It obsoletes RFC 6712, RFC 9480. The canonical text is published by the RFC Editor.
Abstract
This document describes how to layer the Certificate Management Protocol (CMP) over HTTP.
It includes the updates to RFC 6712 specified in Section 3 of RFC 9480; these updates introduce CMP URIs using a well-known prefix. It obsoletes RFC 6712; and, together with RFC 9810, it also obsoletes RFC 9480.
What “Proposed Standard” means
An entry-level standards-track specification: stable, peer-reviewed and a solid basis for implementation, though it may still evolve before becoming an Internet Standard.
The canonical text of RFC 9811 is hosted at rfc-editor.org. Available in HTML,TXT,PDF,XML.
- RFC 9810 Internet X.509 Public Key Infrastructure -- Certificate Management Protocol
- RFC 9812 Clarification of IPv6 Address Allocation Policy
- RFC 9809 X.509 Certificate Extended Key Usage for Configuration, Updates, and Safety-Critical Communication
- RFC 9813 Operational Considerations for Using TLS Pre-Shared Keys with RADIUS
- RFC 9808 Content Delivery Network Interconnection Capacity Capability Advertisement Extensions
- RFC 9814 Use of the SLH-DSA Signature Algorithm in the Cryptographic Message Syntax
- RFC 9807 The OPAQUE Augmented Password-Authenticated Key Exchange Protocol
- RFC 9815 BGP Link State Shortest Path First Routing