Today we start this adventure. Following the specs defined in the Email-Reply-00 ACME challenge, we implemented a complete, automated system to deploy S/MIME certificates without user interaction.
This helps secure email communications by adding a unique signature to messages. Users can also use this signature to encrypt their messages and ensure that no intruder can read them.
In particular:
- Our ACME Email Server speaks the ACME protocol and works with many ACME clients, such as Certbot. The ACME Email Server implements the draft specifications to verify ownership of the email address.
- We developed an open-source ACME email client based on Certbot, able to communicate with our ACME server to get an S/MIME certificate.
- We implemented our own Certification Authority. Obviously, our CA is not accepted by any device yet, so you will need to trust it manually.