awesome-repositories.com
Blog
awesome-repositories.com

Entdecke die besten Open-Source-Repositories mit KI-gestützter Suche.

EntdeckenKuratierte SuchenOpen-Source-AlternativenSelf-hosted SoftwareBlogSitemap
ProjektÜber unsRanking-MethodikPresseMCP-Server
RechtlichesDatenschutzAGB
© 2026 Bringes Technology SRL·VAT RO45896025·hello@awesome-repositories.com
·

23 Repos

Awesome GitHub RepositoriesAutomated Certificate Management

Systems that handle the lifecycle of TLS certificates, including issuance, renewal, and installation without manual intervention.

Explore 23 awesome GitHub repositories matching security & cryptography · Automated Certificate Management. Refine with filters or upvote what's useful.

Awesome Automated Certificate Management GitHub Repositories

Finde die besten Repos mit KI.Wir suchen mit KI nach den am besten passenden Repositories.
  • caddyserver/caddyAvatar von caddyserver

    caddyserver/caddy

    73,492Auf GitHub ansehen↗

    Caddy is an extensible, modular web server platform designed for high-performance traffic management and automated security. At its core, it functions as a dynamic HTTP gateway that handles request routing, static asset delivery, and reverse proxying through a chain of configurable handler modules. The system is built on a modular architecture that allows developers to extend server functionality by registering custom components, all managed through a unified lifecycle and provisioning framework. What distinguishes Caddy is its focus on automated infrastructure and zero-downtime operations. I

    Handles the full lifecycle of certificates, including automated issuance, renewal, and HTTP-to-HTTPS redirection.

    Goacmeautomatic-httpscaddy
    Auf GitHub ansehen↗73,492
  • containous/traefikAvatar von containous

    containous/traefik

    63,656Auf GitHub ansehen↗

    Traefik is a cloud-native load balancer and dynamic reverse proxy designed for microservices traffic routing. It automatically discovers services and generates network routes by listening to infrastructure changes in orchestrators and service registries. The project distinguishes itself through auto-configuring service routing, which eliminates manual configuration by updating routing rules in real time as infrastructure scales. It also provides automated SSL certificate management, utilizing ACME-based automation to request and renew certificates from remote authorities. Additional capabili

    Automates the complete lifecycle of TLS certificates, including issuance and renewal, via the ACME protocol.

    Go
    Auf GitHub ansehen↗63,656
  • mack-a/v2ray-agentAvatar von mack-a

    mack-a/v2ray-agent

    19,081Auf GitHub ansehen↗

    V2Ray-agent is a shell-based orchestration tool designed to automate the deployment, configuration, and lifecycle management of network proxy services. It provides a structured framework for setting up encrypted tunnels and managing proxy processes as persistent background services through system initialization managers. The project distinguishes itself through a modular architecture that integrates automated security certificate management and multi-user access control into the deployment workflow. By utilizing template-driven configuration generation and reverse proxy traffic multiplexing,

    Automates the lifecycle of TLS certificates for network proxies without manual intervention.

    Shellcloudflaregrpc-cloudflarehttpupgrade
    Auf GitHub ansehen↗19,081
  • victoriametrics/victoriametricsAvatar von VictoriaMetrics

    VictoriaMetrics/VictoriaMetrics

    16,343Auf GitHub ansehen↗

    VictoriaMetrics is a high-performance, scalable time series database and observability platform designed for long-term storage and analysis of metric, log, and trace data. It functions as a unified backend for monitoring ecosystems, offering full compatibility with industry-standard protocols and query languages. The system is built to handle massive data volumes through a distributed architecture that supports horizontal scaling and efficient data lifecycle management. The platform distinguishes itself through a storage engine that utilizes consistent hashing for data sharding and log-struct

    Automates the lifecycle of TLS certificates to maintain secure encrypted connections without manual intervention.

    Godatabasegrafanagraphite
    Auf GitHub ansehen↗16,343
  • caprover/caproverAvatar von caprover

    caprover/caprover

    15,067Auf GitHub ansehen↗

    CapRover is a self-hosted platform-as-a-service that provides a centralized dashboard for managing containerized applications and databases. It functions as a container orchestration platform, simplifying the deployment, scaling, and networking of services across server environments. By leveraging a reverse-proxy-based architecture, the platform handles domain mapping, traffic routing, and automated SSL certificate lifecycle management to ensure secure, encrypted access for hosted web services. The platform distinguishes itself through its integrated automation capabilities, which include aut

    Automates the issuance, renewal, and installation of TLS certificates for hosted web applications.

    TypeScriptawsazurecaprover
    Auf GitHub ansehen↗15,067
  • kgretzky/evilginx2Avatar von kgretzky

    kgretzky/evilginx2

    14,627Auf GitHub ansehen↗

    Evilginx2 is a man-in-the-middle phishing framework designed to proxy authentication traffic between a user and a target web service. By acting as a reverse proxy, the tool intercepts and relays web requests to capture credentials and session tokens in real time, enabling the bypass of multi-factor authentication mechanisms through session cookie hijacking. The platform distinguishes itself by integrating infrastructure orchestration with modular template-driven content injection. It automates the deployment of proxy servers, manages the lifecycle of encryption certificates, and applies conte

    Handles the automatic generation and renewal of encryption certificates to maintain secure connections for proxied domains without manual intervention.

    Go
    Auf GitHub ansehen↗14,627
  • duplicati/duplicatiAvatar von duplicati

    duplicati/duplicati

    14,283Auf GitHub ansehen↗

    Duplicati is a self-hosted backup server designed to perform encrypted, incremental, and compressed backups to a wide range of local, network, and cloud-based storage providers. It functions as a background service that automates recurring data protection tasks, ensuring that only changed data blocks are stored to maximize efficiency and minimize bandwidth usage. The project distinguishes itself through a centralized management console that allows for the orchestration of multiple distributed backup agents from a single web-based dashboard. It supports multi-tenant management, enabling the or

    Automates the lifecycle of TLS certificates to secure access to the web-based management interface.

    C#backupc-sharpclient-only-backup
    Auf GitHub ansehen↗14,283
  • stalwartlabs/stalwartAvatar von stalwartlabs

    stalwartlabs/stalwart

    13,287Auf GitHub ansehen↗

    Stalwart is a self-hosted email and collaboration infrastructure that provides an integrated mail server supporting SMTP, IMAP, POP3, and JMAP protocols. It functions as a comprehensive communication hub, combining email hosting with a collaboration server for shared calendars, contacts, and files. The system distinguishes itself through a distributed architecture that uses peer-to-peer cluster coordination to ensure high availability and fault tolerance. It features a built-in security suite that implements an S/MIME and OpenPGP email gateway alongside automated TLS certificate provisioning

    Implements automated lifecycle management for TLS certificates using the ACME protocol.

    Rustcaldavcarddavimap
    Auf GitHub ansehen↗13,287
  • mailcow/mailcow-dockerizedAvatar von mailcow

    mailcow/mailcow-dockerized

    12,955Auf GitHub ansehen↗

    Mailcow-dockerized is an open-source email hosting platform that provides a complete, self-hosted infrastructure suite. It bundles message transfer, storage, and security protocols into a modular, containerized environment designed for deployment on private infrastructure. The platform distinguishes itself by integrating a centralized management interface for configuring mail domains and user accounts alongside collaborative tools like shared calendars and contact lists. It includes automated security features such as integrated spam and malware filtering gateways, as well as automated certif

    Provides automated lifecycle management for TLS certificates across multiple hosted mail domains.

    JavaScriptacmeclamavdocker
    Auf GitHub ansehen↗12,955
  • 0xjacky/nginx-uiAvatar von 0xJacky

    0xJacky/nginx-ui

    11,172Auf GitHub ansehen↗

    This project is a web-based management interface designed for the administration, monitoring, and configuration of Nginx server instances. It functions as a centralized platform for managing reverse proxy settings, traffic routing, and server lifecycles, providing a visual dashboard to replace manual configuration file editing. The platform distinguishes itself through integrated infrastructure automation and observability tools. It supports distributed environments by synchronizing configuration states across multiple nodes and containerized services, while offering artificial intelligence a

    Automates the deployment and renewal of security certificates for encrypted traffic.

    Gochatgpt-appcode-completioncopilot
    Auf GitHub ansehen↗11,172
  • bunkerity/bunkerwebAvatar von bunkerity

    bunkerity/bunkerweb

    10,629Auf GitHub ansehen↗

    BunkerWeb is a containerized suite of infrastructure tools that functions as a cloud-native web application firewall and Nginx reverse proxy. It provides a security layer for web applications, combining traffic routing with automated SSL certificate management and a web-based security dashboard for monitoring and configuration. The project distinguishes itself through its deep integration with container orchestrators, serving as a Kubernetes ingress controller that automates security settings and service discovery via container labels. It features a plugin-based extension model and a manageme

    Automates the issuance and renewal of HTTPS certificates via DNS integration.

    Python
    Auf GitHub ansehen↗10,629
  • khuedoan/homelabAvatar von khuedoan

    khuedoan/homelab

    9,109Auf GitHub ansehen↗

    This project is a GitOps infrastructure framework designed for managing bare metal servers, container clusters, and networking. It serves as a declarative system for orchestrating the deployment and lifecycle of self-hosted services, using Git as the source of truth to synchronize the desired state of the environment. The framework differentiates itself through a comprehensive automation suite that covers the entire hardware-to-service pipeline. It includes a PXE-based bare metal provisioner for network booting and operating system installation, alongside a lightweight container orchestration

    Automates the entire lifecycle of TLS certificates, including issuance, renewal, and DNS synchronization.

    Pythonansibleargocddevops
    Auf GitHub ansehen↗9,109
  • higress-group/higressAvatar von higress-group

    higress-group/higress

    8,727Auf GitHub ansehen↗

    Higress ist ein KI-natives und Cloud-natives API-Gateway, das den Datenverkehr zwischen Clients und Diensten großer Sprachmodelle (LLMs) routet, absichert und optimiert. Es fungiert als zentraler Einstiegspunkt für Microservices und dient sowohl als Kubernetes-Ingress-Controller als auch als KI-Gateway-Orchestrator. Das Projekt zeichnet sich dadurch aus, dass es den Datenverkehr über mehrere KI-Anbieter hinweg mittels eines einheitlichen Protokolls verwaltet und dabei token-bewusstes Rate-Limiting sowie Response-Caching integriert, um die Modell-Inferenz zu optimieren. Es koordiniert die Kommunikation zwischen KI-Modellen und externen Werkzeugen, um Echtzeit-Kontext und Daten bereitzustellen, während es gleichzeitig Server-Endpunkte für KI-Agenten hostet. Zu den umfassenden Funktionen gehören API-Sicherheitsdurchsetzung mittels Web Application Firewalls (WAF), automatisiertes TLS-Zertifikatsmanagement und dynamische Service-Discovery. Das Gateway unterstützt die benutzerdefinierte Anforderungsverarbeitung durch sandboxed WebAssembly-Plugins, die eine Verkehrstransformation mit Hot-Reloading ermöglichen. Das System implementiert standardisierte Ingress-APIs, um das Netzwerk-Routing innerhalb containerisierter Cluster mit geringem Ressourcen-Overhead zu verwalten.

    Automates the issuance and renewal of TLS certificates for secure, encrypted connections.

    Go
    Auf GitHub ansehen↗8,727
  • smallstep/certificatesAvatar von smallstep

    smallstep/certificates

    8,245Auf GitHub ansehen↗

    This project is a public key infrastructure management system designed to automate the issuance, renewal, and revocation of X.509, TLS, and SSH certificates. It functions as a machine identity provider and certificate authority, enabling the establishment of private PKI to secure inter-service communication and remote access. The system distinguishes itself through hardware-bound identity attestation, which ties cryptographic keys to physical device silicon or TPMs to prevent credential exfiltration. It supports a wide array of identity verification mechanisms, including OIDC, cloud-provider

    Automates the generation and renewal of both TLS and SSH certificates for users, devices, and workloads.

    Goacmeacme-serverca
    Auf GitHub ansehen↗8,245
  • chaos-mesh/chaos-meshAvatar von chaos-mesh

    chaos-mesh/chaos-mesh

    7,761Auf GitHub ansehen↗

    Chaos Mesh is a cloud-native fault injection tool and Kubernetes chaos engineering platform designed to verify system resilience. It functions as a testing framework for designing and executing automated failure scenarios to evaluate how containerized workloads recover from disruptions. The project acts as a multi-cluster chaos orchestrator, providing a centralized control plane to manage and monitor experiments across multiple remote Kubernetes clusters from a single interface. It includes a dashboard for the visual scheduling of experiments and the coordination of complex failure scenarios.

    Integrates with external managers to handle the automated issuance and renewal of security certificates.

    Go
    Auf GitHub ansehen↗7,761
  • opsnull/follow-me-install-kubernetes-clusterAvatar von opsnull

    opsnull/follow-me-install-kubernetes-cluster

    7,546Auf GitHub ansehen↗

    This project provides a comprehensive guide and set of scripts for deploying and configuring a production-ready Kubernetes cluster from scratch. It centers on establishing a functional environment by installing core management components, storage, and networking across multiple nodes. The implementation emphasizes high availability for the control plane, utilizing layer-4 load balancing and leader election for the API server, scheduler, and controller manager. It further ensures reliability through the deployment of a distributed key-value store for persistent runtime data. The project cover

    Automates the lifecycle of TLS certificates, including generation and rotation for cluster components.

    Shellcontainerdcorednsdocker
    Auf GitHub ansehen↗7,546
  • foxcpp/maddyAvatar von foxcpp

    foxcpp/maddy

    5,853Auf GitHub ansehen↗

    Maddy is a modular mail server that assembles a complete email system by connecting small, single-purpose modules through a declarative configuration file. Rather than a monolithic stack, it lets operators compose message processing, storage, authentication, and security enforcement from interchangeable building blocks, with each module handling a specific function like receiving SMTP connections, verifying credentials, or applying policy checks. The server distinguishes itself through its flexible authentication and security architecture. It delegates user verification to external systems in

    Automatically obtains and renews TLS certificates via the ACME protocol without manual intervention.

    Godkimdmarcemail
    Auf GitHub ansehen↗5,853
  • hobby-kube/guideAvatar von hobby-kube

    hobby-kube/guide

    5,658Auf GitHub ansehen↗

    This project is a Kubernetes deployment guide and infrastructure provisioner designed for hobbyist and home lab environments. It provides a framework for setting up multi-node clusters across various cloud providers and physical or virtual nodes, acting as a self-hosted cluster orchestrator. The project focuses on security hardening and infrastructure stability through specific implementation guides. This includes a framework for network security that covers host firewalls and encrypted network overlays, as well as detailed instructions for configuring ingress routing to manage external publi

    Automates the lifecycle of TLS certificates for encrypted HTTPS connections within the cluster.

    automationclustercost-effective
    Auf GitHub ansehen↗5,658
  • psviderski/uncloudAvatar von psviderski

    psviderski/uncloud

    4,653Auf GitHub ansehen↗

    Uncloud is a decentralized container orchestrator designed to deploy and manage applications across multiple servers without a central control plane. It functions as a peer-to-peer system and a Docker Compose cluster deployer, using SSH-based infrastructure management to coordinate operations across remote nodes. The project distinguishes itself by using a secure mesh network overlay to enable direct inter-container communication across different physical machines. It facilitates container image distribution by transferring missing layers directly from local environments to target nodes, bypa

    Provides automated handling of the TLS certificate lifecycle, including issuance and renewal, for services in the cluster.

    Gocontainersdeploymentdevops
    Auf GitHub ansehen↗4,653
  • lucaslorentz/caddy-docker-proxyAvatar von lucaslorentz

    lucaslorentz/caddy-docker-proxy

    4,532Auf GitHub ansehen↗

    caddy-docker-proxy ist ein dynamischer HTTP-Reverse-Proxy und Docker-Netzwerk-Ingress-Controller, der automatisch Routing-Konfigurationen generiert, indem er Labels aus Docker-Containern liest. Er dient als Service-Discovery-Tool, das Container-IP-Adressen in Echtzeit erkennt, um eingehenden Web-Traffic an die korrekten Backend-Ziele weiterzuleiten. Das Projekt fungiert als verteilter Proxy-Orchestrator, der in der Lage ist, generierte Konfigurationen von einem zentralen Controller an mehrere Remote-Server-Instanzen zu pushen, um die Request-Verarbeitung zu skalieren. Es automatisiert die Ausstellung und Erneuerung von TLS-Sicherheitszertifikaten für proxied Domains und koordiniert gemeinsam genutzte Zertifikate über Server-Replikate hinweg. Das System unterstützt die label-basierte Konfigurationsgenerierung unter Verwendung von Templates und Docker-Secrets, um Metadaten und globale Einstellungen in die Serverkonfiguration zu injizieren. Es behält die Synchronisierung bei, indem es auf Container-Lebenszyklusereignisse lauscht und einen In-Process-Lademechanismus verwendet, um das Serververhalten zu aktualisieren. Die Traffic-Management-Funktionen umfassen das Definieren von Request-Routing-Regeln, Pfad-Matching und URI-Rewriting, um Traffic an containerisierte Ressourcen zu leiten.

    Handles the complete lifecycle of TLS certificates, including issuance and renewal, without manual intervention.

    Go
    Auf GitHub ansehen↗4,532
Vorherige12Nächste
  1. Home
  2. Security & Cryptography
  3. Network and Infrastructure Security
  4. Web and Network Security
  5. Security & HTTPS
  6. Automated Certificate Management