CIELTECH – 16 July 2024
Leading WebTrust audited certificate authority among the first to allow users to issue certificates for internal and private domains using unofficial domain suffixes via ACME
Boston, MA, July 16, 2024 — GMO GlobalSign, Inc., a global Certificate Authority (CA) and leading provider of identity security, digital signing and IoT solutions, today announced updates to its Automated Certificate Management Environment (ACME) service for internal domain certificates, enabling customers to issue GMO GlobalSign IntranetSSL certificates through its ACME service. GMO GlobalSign is one of the few CA’s that offers users the ability issue certificates for internal and private domains using unofficial domain suffixes via ACME.
ACME is an internet protocol designed to enable enterprises to communicate with a CA like GMO GlobalSign to automate important lifecycle functions for TLS certificates at a low cost and high speed. With the introduction of this upgrade, GMO GlobalSign is unlocking a capability that has not been easily achieved by most organizations: the ability to issue certificates via ACME for internal/non-public domains using unofficial domain suffixes. Organizations might use these internal domains for development networks or other non-production environments; they are also leveraged for private device networks and Active Directory domains (though recommended practice for AD domains is to use a subdomain of a publicly registered domain controlled by your organization).
“Some users choose self-signed certificates, however, that requires an understanding of your organization’s Public Key Infrastructure (PKI), but not every business employs these specialists,” said Julie Gaunt, product manager, GMO GlobalSign.
“Because we are a publicly trusted, Webtrust audited certificate authority, we have domain expertise that is now being paired with ACME. By automating the issuance and renewal of non-public TLS certificates, organizations can be confident that internal endpoints will maintain encryption standards and meet internal compliance mandates, preventing unauthorized access, data breaches and potential disruptions to operations.”
Further updates to GMO GlobalSign’s ACME service include subdomain validation re-use, support of the ACME Key Change endpoint, and backend ACME Nonce updates. By leveraging ACMEs inbuilt capabilities, subdomain validation reuse removes the requirement for domain validation for subdomains so long as the parent domain has already been verified. In addition, the ACME Nonce update enables our ACME service to handle more certificate requests than ever before. In total, these updates will better serve our customers and improve user experience.
For more information contact us – we speak your language