Generate a unique ACME Directory URL for your Signed HTTP Exchange certificate in your CertCentral account. You'll need to include your "Signed HTTP Exchange" ACME Directory URL in your CertBot certificate request command.
Before creating the ACME Directory URL for your Signed HTTP Exchange certificate, make sure these prerequisites are met:
For more information:
In your CertCentral account, in the sidebar menu, click Account > Account Access.
On the Account Access page, in the ACME Directory URLs section, click Add ACME Directory URL.
In the Add ACME Directory URL popup window, enter a friendly Name for the URL.
In the Product dropdown, select the OV or EV TLS/SSL certificate you want to include the CanSignHttpExchanges extension and to issue using ACME.
Currently, the CanSignHttpExchanges extension can be included only in OV and EV TLS/SSL certificates.
In the Organization dropdown, select the pre-validated Organization you want to issue the certificate for.
Under Validity period, select Custom length and in the Days box, enter a number from 1 to 90.
Per industry standards, certificates that include the Signed HTTP Exchange extension have a 90-day maximum validity limit.
Expand Additional Certificate Options and under Certificate profile options, check Include the CanSignHttpExchanges extension in the certificate.
Click Add ACME Directory URL.
In the New ACME Directory URL popup window, copy your unique ACME URL and save it.
Use this URL to request your certificate using your ACME client.
When you generate an ACME Directory URL, it is displayed only once. There is no way to retrieve a lost ACME URL. If you ever lose an ACME URL, you'll need to revoke the lost URL and generate a new one.
Click I understand I will not see this again.
Your new ACME Directory URL is added to the list of ACME Directory URLs on the Account Access page. To see details about the certificate that can be ordered via the ACME Directory URL, next to the URL Name, click the information icon.