Get a certificate within minutes with IBM Cloud Internet Services and IBM Cloud Certificate Manager.

Need an SSL/TLS Certificate for your app or service? If you are using IBM Cloud Internet Services (CIS) as your Domain Name Service (DNS) provider, you can get a certificate within minutes at a click of a button from IBM Cloud Certificate Manager

IBM Cloud Certificate Manager lets you order free, domain-validated certificates signed by Let’s Encrypt—an automated, ACME-protocol-based Certificate Authority (CA) that issues free certificates that are valid for 90 days. Certificate Manager also helps you manage the lifecycle of your certificates and keep them secure.

How it works

When you order a certificate, you need to validate that you control the domains, which usually requires a lot of manual back and forth with your Certificate Authority. Let’s Encrypt automates certificate ordering through domain validation challenges. 

When you request a certificate from Let’s Encrypt, it sends you a DNS TXT record challenge to enter into your DNS provider, under the domain you requested, which you can do by calling your DNS provider APIs. Then, Let’s Encrypt queries your DNS for that record. If there was a match, Let’s Encrypt issues a certificate to you.   

We integrated Certificate Manager and IBM Cloud Internet Services (CIS) to do this work for you. Certificate Manager will interact with CIS to update TXT records. All you do is set up an access policy through IBM Cloud IAM to allow your Certificate Manager instance to access your CIS instance.

Other benefits of using Certificate Manager

Ordering a certificate through Certificate Manager has several more advantages:

  • Security: When you request a certificate, the key pair for your certificate is generated within Certificate Manager, where the keys are stored as encrypted. Actions performed on the certificate—including the order itself—and requests to download the certificate and private key are logged automatically to IBM Cloud Activity Tracker with LogDNA for audit purposes. If you want to limit access to individual certificates and keys, you can give access to users or services at the certificate level.
  • Lifecycle management: Certificate Manager also helps you manage the lifecycle of your TLS certificates. Get notified before your certificates expire and then renew them with the click of a button. Certificate Manager also sends you lifecycle notifications for events like a certificate issued or renewed, which you can use to trigger automated deployment processes (e.g., Configuring your Kubernetes ingress controller or CIS to use this certificate).

How to order a certificate

When your domains are registered as zones in CIS, go to Cloud IAM to set an access policy for Certificate Manager and CIS. Give Certificate Manager a Reader service access role for your CIS instance, and give Certificate Manager a Manager service access role for the relevant domains in CIS. Then, go to Certificate Manager and click Order. Fill out the certificate order form for CIS users. You should get a certificate issued to you within minutes

Easily order your certificates now 

To get started with Certificate Manager, check it out in the IBM Cloud catalog. You can also quickly order and activate your domain on CIS through the catalog.

Questions and feedback

  • For technical questions, go to Stack Overflow and use the ‘ibm-certificate-manager’ tag.
  • For non-technical questions, go to IBM developerworks with the ‘ibm-certificate-manager’ tag.
  • For questions or support needs on CIS or Certificate Manager, use the support section in the IBM Cloud menu.

Other uses for Cloud Internet Services

IBM Cloud Internet Services (CIS) provides you with a wide array of capabilities that can be leveraged at the network edge and easily deployed globally through Cloudflare’s 180+ Global Points of Presence (PoPs), providing you with the most comprehensive solution on the IBM Cloud to protect and optimize your Internet-facing applications, websites, and services. Improve your application and/or website reliability by registering your domains in our Domain Name Server (DNS) for fast resolution of hostnames to their corresponding IP addresses or aliases. 

Was this article helpful?
YesNo

More from Cloud

Serverless vs. microservices: Which architecture is best for your business?

7 min read - When enterprises need to build an application, one of the most important decisions their leaders must make is what kind of software development to use. While there are many software architectures to choose from, serverless and microservices architectures are increasingly popular due to their scalability, flexibility and performance. Also, with spending on cloud services expected to double in the next four years, both serverless and microservices instances should grow rapidly since they are widely used in cloud computing environments. While…

Serverless use cases: How enterprises are using the technology to let developers innovate

6 min read - Serverless, or serverless computing, is an approach to software development that empowers developers to build and run application code without having to worry about maintenance tasks like installing software updates, security, monitoring and more. With the rise of cloud computing, serverless has become a popular tool for organizations looking to give developers more time to write and deploy code. Despite its name, a serverless framework doesn’t mean computing without servers. In a serverless architecture, a cloud service provider (CSP) handles…

How a US bank modernized its mainframe applications with IBM Consulting and Microsoft Azure

9 min read - As organizations strive to stay ahead of the curve in today's fast-paced digital landscape, mainframe application modernization has emerged as a critical component of any digital transformation strategy. In this blog, we'll discuss the example of a fictional US bank which embarked on a journey to modernize its mainframe applications. This strategic project has helped it to transform into a more modern, flexible and agile business. In looking at the ways in which it approached the problem, you’ll gain insights…

IBM Newsletters

Get our newsletters and topic updates that deliver the latest thought leadership and insights on emerging trends.
Subscribe now More newsletters