As a follow-up to the new Elytron key-store management operations [1] that allow for more advanced KeyStore manipulation, I've been looking into integration with the Let's Encrypt certificate authority to add new management operations to the key-store resource for obtaining signed certificates, revoking them, and renewing them. I've created an analysis document to get feedback on this [2]. Feel free to comment on the document.