Description
Is your feature request related to a problem? Please describe.
Let's Encrypt is extending the ACME protocol to include "certificate profiles": https://letsencrypt.org/2025/01/09/acme-profiles/
By selecting a certificate profile, certificates with different traits can be generated by the CA. For example, Let's Encrypt will use the tlsserver profile to generate certificates tailored specifically towards TLS server usage, and shortlived to generate six-day certificates rather than the default 90 days. See the link for details.
Describe the solution you'd like
Cert-manager's ACME support can provide a way to optionally allow selection of a non-default certificate profile, for example a field on the Issuer.
Describe alternatives you've considered
Alternatively, cert-manager could just not support this extension.
Additional context
Supporting Let's Encrypt's certificate profiles extension can improve security by allowing users to select short-lived (six-day) certificates: https://letsencrypt.org/2025/02/20/first-short-lived-cert-issued/
/kind feature