diff --git a/src/acme2.js b/src/acme2.js
index 51a0bb17f..56101c2a6 100644
--- a/src/acme2.js
+++ b/src/acme2.js
@@ -9,7 +9,6 @@ exports = module.exports = {
 };
 
 const assert = require('assert'),
-    async = require('async'),
     BoxError = require('./boxerror.js'),
     crypto = require('crypto'),
     debug = require('debug')('box:cert/acme2'),
@@ -518,18 +517,17 @@ Acme2.prototype.getCertificate = async function (vhost, domain, paths) {
     await this.acmeFlow(vhost, domain, paths);
 };
 
-function getCertificate(vhost, domain, paths, options, callback) {
+async function getCertificate(vhost, domain, paths, options) {
     assert.strictEqual(typeof vhost, 'string'); // this can also be a wildcard domain (for alias domains)
     assert.strictEqual(typeof domain, 'string');
     assert.strictEqual(typeof paths, 'object');
     assert.strictEqual(typeof options, 'object');
-    assert.strictEqual(typeof callback, 'function');
 
     let attempt = 1;
-    async.retry({ times: 3, interval: 0 }, function (retryCallback) {
+    promiseRetry({ times: 3, interval: 0 }, async function () {
         debug(`getCertificate: attempt ${attempt++}`);
 
-        let acme = new Acme2(options || { });
-        acme.getCertificate(vhost, domain, paths).then(callback).catch(retryCallback);
-    }, callback);
+        const acme = new Acme2(options || { });
+        return await acme.getCertificate(vhost, domain, paths);
+    });
 }
diff --git a/src/reverseproxy.js b/src/reverseproxy.js
index 32312e069..9285379a1 100644
--- a/src/reverseproxy.js
+++ b/src/reverseproxy.js
@@ -410,7 +410,7 @@ async function ensureCertificate(vhost, domain, auditSource) {
     debug('ensureCertificate: getting certificate for %s with options %j', vhost, _.omit(apiOptions, 'accountKeyPem'));
 
     const acmePaths = getAcmeCertificatePathSync(vhost, domainObject);
-    let [error] = await safe(util.promisify(acmeApi.getCertificate)(vhost, domain, acmePaths, apiOptions));
+    let [error] = await safe(acmeApi.getCertificate(vhost, domain, acmePaths, apiOptions));
     debug(`ensureCertificate: error: ${error ? error.message : 'null'} cert: ${acmePaths.certFilePath || 'null'}`);
 
     await safe(eventlog.add(currentBundle ? eventlog.ACTION_CERTIFICATE_RENEWAL : eventlog.ACTION_CERTIFICATE_NEW, auditSource, { domain: vhost, errorMessage: error ? error.message : '', notAfter }));