3 dépôts
Background services that automate the ongoing maintenance and renewal of security certificates.
Distinguishing note: Focuses on long-term lifecycle management and background service operation.
Explore 3 awesome GitHub repositories matching security & cryptography · Certificate Lifecycle Managers. Refine with filters or upvote what's useful.
This project is a command-line tool that automates the entire lifecycle of security certificates using standard domain validation protocols. It functions as a background service to manage the issuance, renewal, and installation of certificates, ensuring that encrypted web traffic remains active without requiring manual intervention. The tool distinguishes itself through extensive support for automated domain ownership verification, including the ability to issue wildcard certificates by programmatically interacting with external domain name system providers. It provides flexible validation op
Handles the full lifecycle of encrypted web certificates by managing domain verification and server configuration updates.
cert-manager is a Kubernetes TLS certificate manager and cluster add-on that automates the issuance and renewal of TLS certificates. It functions as a certificate lifecycle automator, managing certificates as native Kubernetes resources to secure internal and external network traffic. The project includes an ACME protocol client to automate certificate requests and validations from providers. It utilizes a controller to synchronize the desired state of certificates with responses from various certificate authorities. The system covers certificate provisioning from external issuers and vault
Acts as a background service that automates the ongoing maintenance and renewal of security certificates.
This project is a public key infrastructure management system designed to automate the issuance, renewal, and revocation of X.509, TLS, and SSH certificates. It functions as a machine identity provider and certificate authority, enabling the establishment of private PKI to secure inter-service communication and remote access. The system distinguishes itself through hardware-bound identity attestation, which ties cryptographic keys to physical device silicon or TPMs to prevent credential exfiltration. It supports a wide array of identity verification mechanisms, including OIDC, cloud-provider
Manages the end-to-end enrollment, renewal, and revocation of certificates via a background agent.