Automated certificate management for IIS

We have shown recently how to use the ACME implementation in CZERTAINLY with popular clients like cert-manager or certbot and automate certificate management of not only web servers.

Many companies and administrators are using the Microsoft Windows servers. And in Windows environment it is natural choice to use IIS (Internet Information Service) as a web server.

So let’s take a look how to automate the certificate management on the IIS web servers using ACME and CZERTAINLY.


There are couple of options when it comes to choose the ACME client implementation. Let’s Encrypt recommends certbot, but it is probably not the best option for Windows environment and IIS.

Certbot is not able to bind with the IIS and manage the certificate and the private key on the Windows server, which means that the certificate issued and managed using the certbot as ACME client needs to be manually imported and bind to IIS.

win-acme can be a better option if you would like to automate complete certificate lifecycle on the IIS using ACME. It has a native integration with the Windows, interactive and command line interface, and it can bind to IIS and setup the scheduler for the automatic certificate renewal before expiration.

For more information about win-acme, refer to the win-acme documentation.

CZERTAINLY and win-acme

CZERTAINLY platform implements the ACME protocol according to the RFC8555 – Automatic Certificate Management Environment (ACME).

Using CZERTAINLY as the ACME server, win-acme can automate the certificate management related tasks like issuing, renewing, revoking on the IIS web servers. The ability of the platform also enables the security team to control the attributes in certificates whenever needed using the concept known as RA Profiles.

There are only few steps to setup the environment:

  • Create ACME Profile
  • Enable ACME Profile for RA Profile
  • Start managing certificates on IIS using win-acme

You can start with the simple guide on how to use win-acme with CZERTAINLY.

Additionally, documentation contains resources describing the ACME implementation and the management of different ACME Profiles and ACME Accounts.

Open-source implementation and support

CZERTAINLY platform and ACME support is part of open-source repositories. Start using the platform without any restrictions on number of certificates or number of services.

If you would like to receive support or professional services, our team is readily available to assist you, whether you want to deploy the platform, or create a new connector. Do not hesitate and give it a try!

Get more information about the CZERTAINLY

CZERTAINLY is an open-source platform for effective and efficient certificate lifecycle management for companies of any size and individuals. One of its goals is to provide an easy and affordable way to secure digital communication and support information security in more and more connected world.

Need Help

Do not hesitate to get in touch with us!