TWSD-796 APV wants to support ACME (Automatic Certificate Management Environment)

Review Request #1055 — Created Sept. 11, 2025 and submitted Nov. 13, 2025, 5:49 p.m. — Latest diff uploaded Nov. 13, 2025, 5:49 p.m.

Information
Owner:	mingji
Repository:	APV10
Branch:
Bugs:	TWSD-796
Depends On:
Reviewers
Groups:
People:	timsu, weikai

Description

Implement ACME feature with cerbot.

Document:

https://arraynetworks.atlassian.net/wiki/spaces/~712020b01d430745ea477faa9173a38c0a1430/pages/2889515062/ACME+for+APV
new CLIs:

ssl certbot test <domain_name> [challenge]

ssl certbot request <host_name> <domain_name> [cert_idx] [challenge]

ssl certbot sni request <host_name> <domain_name> [cert_idx] [challenge]

ssl certbot renew <host_name> [cert_idx] [domain_name] [is_force]

ssl certbot schedule <host_name> [cert_idx] [domain_name] [hour] [minute] [month] [days] [weekday]

no ssl certbot schedule <host_name> [cert_idx] [domain_name]

no ssl certbot certificate <host_name> [cert_idx] [domain_name]

show ssl certbot vhost <host_name>

show ssl certbot sni vhost <host_name>

show ssl certbot log [num_lines]

clear ssl certbot log

Testing Done

prerequisite:

- A public IP for VIP and has its domain name

- Register an EAB from a CA, for example Developer - ZeroSSL

    - ACME server’s url: https://acme.zerossl.com/v2/DV90 

    - Generate your own EAB KID, EAB HMAC Key
Verify following the configuration steps:

https://arraynetworks.atlassian.net/browse/TWSD-796

You have a pending review.

Review Board 5.0.5

TWSD-796 APV wants to support ACME (Automatic Certificate Management Environment)