Description
Creates a private certificate authority for issuing and renewing X.509 and SSH certificates, including ACME workflows for internal TLS automation. It helps teams give services trusted certificates without relying on a public certificate authority for every internal system.
A certificate authority is security-critical infrastructure. Protect its keys, restrict administrative access, back up configuration safely, and understand revocation before using it in production.