Adept SSL Renewal

What would you like to do?

Choose an action to get started.

Manage

Recent Certificates

What domain(s) do you need a certificate for?

Domain(s)

One domain per line. Use *.domain for wildcards.

Certificate name

A friendly name to identify this certificate. Auto-filled from first domain.

How do you manage DNS for this domain?

Choose how DNS validation will work for the ACME certificate challenge.

Delegated DNS (CNAME)

I don't have API access to this domain's DNS. I'll add a CNAME record to delegate the challenge.

Recommended for customer domains

Direct DNS Provider

I have a DNS provider configured with API credentials (Cloudflare, GoDaddy, etc.).

Select DNS Provider

No DNS providers configured. .

Add this CNAME record

Add the following record at the DNS provider for :

Type: CNAME

Name:

Value:

Note: For wildcard certificates (*.), the same CNAME record works - no additional record needed.

Verifying DNS records

Checking DNS records for ...

DNS changes can take a few minutes to propagate.

Everything looks good! Click Next to configure your certificate.

Tips:

DNS changes can take up to 5 minutes to propagate
Check that the CNAME record was saved correctly at the DNS provider
Make sure the NS delegation for the zone is active

Assign to Client

Select which client agent should have access to this certificate, or create a new API key.

Client API Key

Or create a new API key:

Selected:

Certificate Configuration

Configure the certificate settings before issuing.

Domains:

DNS:

Client:

ACME Directory

Requires EAB credentials from the provider portal.

ACME Email

External Account Binding (EAB)

Generate these credentials from your provider portal. For SSLTrust: login → SSL Manager → ACME Credentials → Create New. For ZeroSSL: login → Developer → EAB Credentials → Generate.

EAB Key ID (KID)

EAB HMAC Key

Key Algorithm

EC (P-256) default, smaller & faster RSA (2048-bit) required for Exchange Server

Auto-renew (renews when expiry < days away)

Certificate Requested

Certificate issuance is in progress...

This typically takes 30-60 seconds. The page will update automatically.

Certificate issued successfully!

- expires

Certificate issuance failed

Certificates

No certificates yet. Click + New Certificate to get started.

DNS Providers

No providers configured yet.

Delegated DNS Entries

These entries are created automatically when you use the Issue Certificate (Delegated DNS) wizard. Each entry represents a CNAME delegation for a customer domain.

No delegation entries yet. Use the Issue Certificate wizard to create one.

Client API Keys

Each client/agent gets their own key. Disable a key to immediately cut off access.

No client keys yet. The master key from .env is currently the only way to authenticate.

Settings

Notification and scheduler configuration

Saving…

Settings saved.

Webhook URL

Leave blank to disable webhook notifications.

Notify on

Certificate lifecycle (server)

Renewal failed Expiry warning Renewal success

Agent deployment reports (client)

Binding verification failed (deployed but not bound) Deployment failed (could not install cert) Deployment success (confirmed bound) Agent offline (hasn't checked in within threshold)

Expiry warning thresholds (days before expiry)

Comma-separated days. A warning is sent each time the scheduler runs and the cert is exactly this many days from expiry.

Renewal check interval (hours)

How often the server checks for certificates due for renewal. Changing this takes effect immediately.

Agent offline threshold (hours)

Fire an agent_offline webhook if a client agent hasn't checked in within this many hours. Set to 0 to disable.

Test Webhook

Send a sample payload to your configured URL to verify delivery and formatting.

Delivered successfully.