ACME reform in the Suomi.fi Data Exchange Layer – current information
Published 24/2/2026
During 2026, the Suomi.fi Data Exchange Layer will prepare to introduce the ACME feature (Automated Certificate Management Environment). The schedule has been adjusted slightly compared to earlier information, but preparations for ACME deployment are progressing.
Why is the change being made?
Starting in March 2026, the validity period of newly issued certificates will be shortened – first to six months and later to even shorter durations.
With ACME, authentication and signing certificates for Security Servers can be renewed automatically via the server’s user interface. ACME reduces manual work and ensures service continuity by automating certificate renewal.
We will provide a separate notice when customer organisations in the Suomi.fi Data Exchange Layer can begin deploying ACME.
Below, we describe what organisations need to do and how ACME deployment will proceed.
What organisations need to do
1) To perform ACME configurations in the Security Server’s user interface, your server must run at least X‑Road version 7.5.1. We recommend updating to at least version 7.5.1 and following our upcoming announcements about future version updates.
2) Familiarise yourself during spring 2026 with the ACME instructions for the Suomi.fi Data Exchange Layer, which will be published on the Developers’ website.
3) Prepare to apply for new certificates yourself in the Digital and Population Data Services Agency’s (DVV) e‑serviceOpens in a new window. starting from 1 May 2026. Note! This change takes effect already before ACME deployment and applies to all our customers.
- We will publish new instructions on applying for service certificates in the near future.
How ACME deployment works
Deploying ACME requires creating an ACME account for requesting certificates. DVV’s e‑service will soon include the option to create an ACME account through which ACME certificates can be requested.
After creating the ACME account, deployment also requires configuration on your organisation’s Security Servers in both the test environment (FI‑TEST) and the production environment (FI).
- In addition to certificate administration, the ACME account also allows organisations to monitor log information.
- Your organisation should already consider how you will monitor certificate renewal and registration requests and what kind of process you need for potential alerts.
Note: If the Security Server is in use, certificate removal must not begin until the new certificates have been installed. This ensures that the certificate replacement does not interrupt the organisation’s services.
Schedule
- Now: DVV is testing the ACME feature
- Next: Pilot phase with a partner
- Spring 2026: ACME instructions for the Suomi.fi Data Exchange Layer published on the Developers’ website; more detailed schedule information
- 2026: Information session and support clinics
Read more about the ACME reform:
More information and support
Technical questions: palveluvayla@palveluvayla.fiOpens in a new window.
Other questions: palveluvayla-kayttoonotot@dvv.fiOpens in a new window.