This paper describes the implementation of an Automated Centralized Certificate Management System based on the Automatic Certificate Management Environment (ACME) protocol within the Academic Scientific Research Computer Network of Armenia (ASNET-AM). Digital certificates are one of the major instruments used by most network services today. The work done in ASNET-AM is based on the recent availability of free wildcard SSL/TLS certificates from some certificate authorities (CAs) such as Let's Encrypt. The concept of implementing an automated centralized certificate system was presented at the CSIT 2019 Conference, and this paper summarizes its implementation done during past years. The system described is now actively used in production and provides a centralized, secure and automated digital certificate service for different types of ASNET-AM network services such as web servers, mail servers, etc.
