Rock 1.11.0 Documentation

Acme Certificate

Every Rock install needs an SSL certificate. Even if you aren't live yet and don't have people entering any financial information, you still have you or your staff logging in and typing passwords. You don't want that happening without encryption. Even though buying certificates has gotten cheaper it can still be too expensive, especially when you are just kicking the tires. It can also be complicated dealing with multiple hostnames, adding and removing hostnames on the fly as well as just taking the time to renew that certificate every year.

Lets Encrypt launched a number of years ago with two goals. The first was to provide an API system that other Certificate Authorities could implement that would take much of the headache out of the process for people. The second was to provide free SSL certificates through their own Certificate Authority. You can now get unlimited free certificates from Lets Encrypt. On top of that, their API allows for plugins like this to be written that do all the heavy lifting for you so you can get back to helping your staff. No more wasting time doing Administration that should be automated.

With this plugin you can manage your Rock SSL certificates by configuring once and then forgetting all about it. The plugin keeps your certificate up to date for you. You can even manage multiple certificates or non-Rock sites on your IIS server.

This plug-in is designed for full-trust/full-VM hosting. This means self-hosted on-premise or using a full-VM type of hosting such as Azure VM. There is experimental support for partial-trust hosting but it requires manual installation of the certificates.

Version History


New Features

  • New method of responding to authorization requests from Lets Encrypt. Should improve reliability.

New Features

  • Updated to new ACME protocol v2 which is required as of November 2019.

This version has no changes. It simply removes the "beta" designation.

  • Added "Recommend Configuration" button to simplify creating new certificate.
  • Bug Fixes.

Initial Release

  • Support for Lets Encrypt certificate authority.
  • Support for Full-Trust hosting only.
  • Experimental support for Partial-Trust hosting.
  • Automatic configuration of IIS site bindings.
  • Automatic renewal of certificates.