With the updates from the CA/Browser Forum moving towards 90-day certificates over 3 years, there needs to be a reasonable way for customers to acquire and activate new certificates. The industry has moved towards the ACME protocol to provide that function, and some SSL/TLS certificate providers (like Let's Encrypt, Sectigo and InCommon) allow systems to automatically check out and renew certificates in a safe and painless way. Let's Encrypt, for example, processes millions of certificates and only allows access to the certs via automation.
ACME should be supported by any forward-facing product including ASBCE, CM, SMGR, ASM, AES, Breeze, G4x0 media gateways, AAMS, etc.
Avaya System Manager should expose the ACME protocol for its CA functionality to allow for automation within existing on-prem solutions.