Getting started
This is the whole path from a new account to a certificate that renews itself. It takes about five minutes for a single server.
1. Create an account
Open Get Started and sign up. This is also where you'll come back to sign in every time - aethercert has no separate marketing login.
2. Install an agent
Go to Build > Agents, name the server you want to enroll, and click Create enrollment token. The dashboard gives you a download link and a single install command for Linux or Windows, for example:
sudo ./aethercert-agent-linux-amd64 install --api <your-api-url> --token <token>That one command copies the binary to its standard location, enrolls it, and starts it as a service. Click Verify connection on the same page once it's running - the agent polls in, so no inbound firewall rule is needed. See Agents for update and uninstall details.
3. Add and verify a domain
Go to Build > Domains and add the domain you'll issue certificates for. You'll be asked to create a DNS TXT record to prove ownership - this is a one-time step per domain. If you want wildcard certificates or certificates for hosts that aren't reachable over HTTP, connect a DNS provider on the same screen so DNS-01 challenges can be solved automatically. Details: Domains & DNS-01.
4. Pick a certificate authority
A Let's Encrypt CA is available on every account by default - nothing to configure. If you need a different public CA or your own internal CA, add one under Manage > Certificate Authorities first. See Certificate authorities.
5. Create the certificate
Go to Build > Certificate Jobs. Enter the common name (and any subject alternative names), pick the domain and CA from step 3 and 4, choose a deploy target - where the certificate should actually be installed - and choose whether it targets a single agent or an agent group. See Deploy targets for what each option does.
6. Done - it renews itself
From here, aethercert checks in with the agent, tracks the certificate's expiry, and issues a renewal job before it expires - by default the same number of days out that you set when creating it. Every attempt, success or failure, is visible on the certificate and in Monitor > Event Log.