In LANconfig, configure the Automatic Certificate Management Environment (ACME) client under
.- ACME client enabled
- Activates or deactivates the automatic fetching and renewal of the certificate.
- Domain
- DNS domain name for which the certificate is to be created, e.g. "test.example.com"
- Contact (e-mail address)
- Defines the contact information for the certificate request, e.g. the e-mail address "test@example.com".
- Certificate type
- Defines the certificate type including key length. Possible values: RSA-2K, RSA-3K, RSA-4K, ECC-256, ECC-384
- Authorization challenge
-
Specifies the method used to perform the Let's Encrypt authorization challenge. Possible values:
- TLS-alpn-01: Authorization is performed over TLS and port 443
- http-01: Authorization is performed over HTTP and port 80
- http-01,tls-alpn-01: http-01 is preferred over tls-alpn-01
- tls-alpn-01,http-01: tls-alpn-01 is preferred over http-01
- Endpoint resolution
-
Defines the protocol to be used to resolve the endpoint. Possible values:
- IPv4-only
- IPv6-only
- IPv6-or-IPv4
- SAN-List
- Defines which other domain names should be entered into the SAN field (Subject Alternative Name) of the certificate. This can be a comma-separated list of domain names (without spaces).
- Minimum validity
- Minimum number of days before expiry for the certificate to be renewed. Default: 30 days
- Source address (optional)
- References a named loopback address that is used as the sender. If the field is left empty, the router automatically selects an address.