• Command line arguments
• Settings.json
• Plugins
  • Source
    • IIS
    • Manual
    • CSR
  • Validation
    • HTTP validation
      • Self-hosting
      • Filesystem
      • FTP(S)
      • SFTP
      • WebDav
      • REST
    • DNS validation
      • acme-dns
      • Alibaba (Aliyun)
      • Azure (Microsoft)
      • Cloud DNS (Google)
      • Cloudflare
      • DigitalOcean
      • DNSEXIT
      • DNS Made Easy
      • Domainname.shop
      • Dreamhost
      • GoDaddy
      • Hetzner
      • InfoManiak
      • Linode (Akamai)
      • LuaDNS
      • Manual
      • NS1
      • RFC2136
      • Route53 (Amazon)
      • Script
      • Simply
      • Tencent
      • TransIP
    • TLS validation
      • Self-hosting
  • Order
    • Single
    • Host
    • Site
    • Domain
  • CSR
    • RSA
    • EC
  • Store
    • Azure KeyVault
    • Certificate Store
    • Central Certificate Store
    • .pem files (Apache etc.)
    • .pfx file
    • User Store
  • Installation
    • IIS bindings
    • Script

User Store

Like the built-in certificate store plugin, this one places the certificate in the Windows Certificate Store. However, instead of using the LocalSystem location, it employes the CurrentUser location.

This means the certificate will only be available to whichever user is running the win-acme executable. The advantage of this is that you don’t need administrator rights to be able to use this plugin, as is required for the built-in one.

Warning

The disadvantage is that you will need to carefully manage which user(s) run the program, both initially and for future renewals. When running the scheduled task as SYSTEM (which is the default) this plugin will refuse to run, because it will most likely be a mistake to do so.

Separate download

This plugin is offered as a separate download, which can be downloaded from the releases page on GitHub has to be unpacked into the folder where you also unpacked wacs.exe to able to use them. If you are using win-acme as a dotnet tool, you will have to unpack to %userprofile%\.dotnet\tools\.store\win-acme\{version}\win-acme\{version}\tools\net5.0\any

Note that after unpacking you may have to unblock all new .dll files before .NET will trust them. You can do that from the Windows File Explorer by using the right mouse button and then checking the Unblock box on the General tab.

Using a downloaded plugin

To verify that the plugin is properly installed you can start the main executable with --verbose and it will print information about found and loaded plugins at start up. When the plugin is loaded, it manifests itself as extra menu choices and command line parameters being made availalbe.

Requires pluggable release

This plugin requires to you use the pluggable release of the main executable. It will not work on the smaller trimmed releases.

Unattended

--store userstore