A simple ACMEv2 client for Windows (for use with Let's Encrypt et al.)

Validation plugins

A validation plugin is responsible for providing the ACME server with proof that you own the identifiers (host names) that you want to create a certificate for. The ACMEv2 protocol defines different challenge types, three of which are supported by win-acme, namely HTTP-01, DNS-01 and TLS-ALPN-01.

For wildcard identifiers, only DNS-01 validation is accepted by Let’s Encrypt.

Several other challenge types are not supported for various reasons:

  • TLS-SNI-01/-02 - deprecated and removed
  • PROOFOFPOSSESSION-01 - unknown


By default, the self-hosting plugin is used. This can be changed in settings.json.