With the increasing industry trend toward shorter SSL/TLS certificate validity periods, IT administrators are seeking automated solutions to manage certificate lifecycles. A common request is whether Symantec Messaging Gateway (SMG) supports the Automated Certificate Management Environment (ACME) protocol or any other built-in auto-enrollment feature for certificate renewal.

As of the latest release, Symantec Messaging Gateway (version 10.9.2), there is no native support for the ACME protocol or any automated certificate enrollment/renewal feature.

Currently, all SSL/TLS certificates used by the Control Center and Scanners must be managed manually. This includes:

• Generating the Certificate Signing Request (CSR) within the SMG interface.

• Submitting the CSR to your chosen Certificate Authority (CA).

• Manually importing the signed certificate and any necessary intermediate chain certificates back into the appliance.

If auto-enrollment capabilities are introduced in a future release, this article and the official SMG Release Notes will be updated to reflect those changes.