A tool for testing for certificate validation vulnerabilities of TLS connections made by a client device or an application. This could also be useful if you're trying to reverse engineer the API a mobile app uses.
Dehydrated is a client for signing certificates with an ACME server (e.g. Let's Encrypt), implemented as a relatively simple (zsh-compatible) bash script. This client supports both ACME v1 and the new ACME v2, including support for wildcard certificates! It uses the openssl utility for everything related to actually handling keys and certificates, so you need to have that installed. Other dependencies are: cURL, sed, grep, awk, mktemp (all found pre-installed on almost any system, cURL being the only exception).
Current features:
Generally you want to set up your WELLKNOWN path first, and then fill in domains.txt. Please note that you should use the staging URL when experimenting with this script to not hit Let's Encrypt's rate limits. See docs/staging.md.
ACME server implementation (http-01 challenge). Built-in CA to sign/revoke certificates (can be replaced with an external CA); CA rollover is supported. Notification mails (account created, certificate will expire soon, certificate is expired) with customizable templates. Web UI (certificate log) with customizable templates.
Tested with Certbot, Traefik, Caddy, uacme, and acme.sh.
The Dockerfile is remarkably understandable, which should make it easy to run it normally.
An ACME protocol client written purely in Shell (Unix shell) language.
Full ACME protocol implementation. Supports ECDSA certs. Supports SAN and wildcard certs. Simple, powerful and very easy to use. You only need 3 minutes to learn it. Bash, dash and sh compatible. Purely written in Shell with no dependencies on Python. Self-contained: just one script is needed to issue, renew and install your certificates automatically. DOES NOT require root/sudoer access. Docker ready. IPv6 ready. Cron job notifications for renewal, errors, etc.
A simple zero-config tool to make locally trusted development certificates with any names you'd like. It does this by adding (and managing) a local CA on your laptop, from which you can issue certificates for arbitrary names (including localhost).
Secure your email server with STARTTLS Everywhere! Your email service can be insecure in numerous different ways. The service below performs a quick check of your email server's security configuration, including whether STARTTLS is supported, and whether it may qualify for the STARTTLS Policy List.