diff --git a/docs/administration.rst b/docs/administration.rst
index 8f055147..157af478 100644
--- a/docs/administration.rst
+++ b/docs/administration.rst
@@ -735,6 +735,12 @@ The following configuration properties are required to use the Digicert issuer p
 This is the default validity (in years), if no end date is specified. (Default: 1)
+.. data:: DIGICERT_MAX_VALIDITY
+ :noindex:
+
+ This is the maximum validity (in years). (Default: value of DIGICERT_DEFAULT_VALIDITY)
+
+
 .. data:: DIGICERT_PRIVATE
 :noindex:
@@ -1008,6 +1014,18 @@ The following configuration properties are required to use the PowerDNS ACME Plu
 This is the number of times DNS Verification should be attempted (i.e. 20)
+
+.. data:: ACME_POWERDNS_VERIFY
+ :noindex:
+
+ This configures how TLS certificates on the PowerDNS API target are validated. The PowerDNS Plugin depends on the PyPi requests library, which supports the following options for the verify parameter:
+
+ True: Verifies the TLS certificate was issued by a known publicly-trusted CA. (Default)
+
+ False: Disables certificate validation (Not Recommended)
+
+ File/Dir path to CA Bundle: Verifies the TLS certificate was issued by a Certificate Authority in the provided CA bundle.
+
 .. _CommandLineInterface:
 Command Line Interface
diff --git a/lemur/plugins/lemur_acme/powerdns.py b/lemur/plugins/lemur_acme/powerdns.py
index f3ad9965..a26faaac 100644
--- a/lemur/plugins/lemur_acme/powerdns.py
+++ b/lemur/plugins/lemur_acme/powerdns.py
@@ -246,11 +246,12 @@ def _get_zone_name(domain, account_number):
 def _get(path, params=None):
 """ Execute a GET request on the given URL (base_uri + path) and return response as JSON object """
 base_uri = current_app.config.get("ACME_POWERDNS_DOMAIN")
+ verify_value = current_app.config.get("ACME_POWERDNS_VERIFY", True)
 resp = requests.get(
 f"{base_uri}{path}",
 headers=_generate_header(),
 params=params,
- verify=True,
+ verify=verify_value
 )
 resp.raise_for_status()
 return resp.json()
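Review bot: `verify_value` in `_get` goes from configuration into `requests.get` with no type check, so a falsy setting other than `False` (an empty string or `0`) would, as far as I can tell from how requests tests the value, switch certificate validation off without any trace, while the header from `_generate_header()` (presumably the API credentials) is still sent. The `_patch` hunk that follows repeats the same lookup and has the same gap. I would move the lookup into one helper that accepts only a bool or a non-empty CA-bundle path, raises on anything else, and logs a warning whenever validation is disabled, so the weakened state is visible in the logs. The documentation entry could also say that operators with a private CA should use the bundle path rather than `False`.

```python
def _verify_setting():
    """ Return the value for the requests `verify` argument from ACME_POWERDNS_VERIFY """
    verify_value = current_app.config.get("ACME_POWERDNS_VERIFY", True)
    if isinstance(verify_value, bool):
        if not verify_value:
            current_app.logger.warning(
                "ACME_POWERDNS_VERIFY is False: the PowerDNS API certificate is not validated"
            )
        return verify_value
    if isinstance(verify_value, str) and verify_value:
        return verify_value  # path to a CA bundle file or directory
    raise ValueError("ACME_POWERDNS_VERIFY must be True, False or a path to a CA bundle")


def _get(path, params=None):
    # … unchanged: docstring, base_uri lookup …
    resp = requests.get(
        # … unchanged: url, headers, params …
        verify=_verify_setting(),
    )
    # … unchanged: raise_for_status, return; _patch takes the same verify= line …
```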
@@ -259,9 +260,11 @@ def _get(path, params=None):
 def _patch(path, payload):
 """ Execute a Patch request on the given URL (base_uri + path) with given payload """
 base_uri = current_app.config.get("ACME_POWERDNS_DOMAIN")
+ verify_value = current_app.config.get("ACME_POWERDNS_VERIFY", True)
 resp = requests.patch(
 f"{base_uri}{path}",
 data=json.dumps(payload),
- headers=_generate_header()
+ headers=_generate_header(),
+ verify=verify_value
 )
 resp.raise_for_status()
diff --git a/lemur/static/app/angular/certificates/certificate/tracking.tpl.html b/lemur/static/app/angular/certificates/certificate/tracking.tpl.html
index 7ac2107f..027add0f 100644
--- a/lemur/static/app/angular/certificates/certificate/tracking.tpl.html
+++ b/lemur/static/app/angular/certificates/certificate/tracking.tpl.html
@@ -140,7 +140,6 @@