I'm trying to understand how the Let's Encrypt SSL service works with Adobe Experience Manager.
I'm a bit confused by the process of setting up Nginx and Cron to issue CSRs and automate the renewal process every 90 days (I understand I have to do this because Let's Encrypt only offers 90-day certs).
Will this automatic renewal process work with Adobe Experience Manager (AEM) servers? Is Let's Encrypt partnered with Adobe such that I should be reaching out to an Adobe contact or is this something I, as a UX developer, have to pick up and learn myself?
Thanks for any help pointing me in the right direction.
Hi @tinateena, and welcome to the LE community forum
It probably will.
But you have to break "the problem" down into "parts" to better understand "how" they can work together and solve the "riddle".
Part one: Obtain a globally signed certificate
Part two: Using a globally signed certificate with AEM / Securing AEM
For part one, you need to choose an ACME client that is right for your "environment".
Most important question on that: What O/S does the AEM run on?
For part two, you may get better help from the AEM user's guide [or website].
I believe our instance of AEM is running in a Linux environment (CentOS version 3.10.0-1160.71.1.el7.x86_64). It requires the Java SE runtime. AEM also uses Apache Sling and OSGI.
I'm not sure which of the ACME Clients would be suitable given this information (perhaps CertBot?)
That wizard seems like a very manual solution.
You may need to find a CLI version of those "commands" and then you might be able to automate the use of renewed certs.
Getting the cert and renewing it are straightforward with CentOS.
And, yes, certbot would be a valid choice for such an ACME client.