Broadens the current ACME-client-based support for automated certificate management to support DigiCert as an ACME Certificate Authority:

  • Each LoadMaster can be associated with a specific DigiCert account by setting various account parameters and communicating with DigiCert servers to confirm the settings.
  • Administrators will be able to request and renew DigiCert certificates from the LoadMaster UI.
  • The DigiCert account cannot be created (nor funds added to it) from the LoadMaster UI. An account must be requested through the DigiCert website and already exist so that the appropriate configuration parameters can be entered into the LoadMaster UI.
    • Since DigiCert is a paid service, sufficient funds must be added to your account before requesting certificates via the LoadMaster UI.
  • The UI has been updated to generalize the text used in menus and labels and to provide new pages for DigiCert account and certificate management. Similarly, the API has been updated to provide generalized calls. Backward compatibility is maintained for the previous LE-specific calls.
  • The main UI menu has a new sub-menu, ACME Certificates, replacing the Let’s Encrypt selection from previous releases.
  • In the new ACME Certificates sub-menu, the user can choose either Let’s Encrypt or DigiCert as an ACME provider. Only one ACME CA can be used per LoadMaster in this release. The ability to use both at the same time will be provided in a future release.
  • On upgrade, existing LE accounts and certificates are preserved, and so the DigiCert functionality will not be presented as a choice in the UI -- unless the LE account has been removed. Note that an account can only be removed when there are no more certificates from that vendor installed.
  • On downgrade to a release that doesn't support DigiCert account creation for ACME certificate management, any DigiCert certificates that exist at the time of downgrade will be preserved in the downgraded system so that VS connectivity is not inadvertently affected by the downgrade. These certificates will be listed on the SSL Certificates UI page and can be deleted after the downgrade, if desired.