Hopefully a little self-promotion is allowed here.
Certera is a central validation server for Let’s Encrypt certificates. It’s a cross platform, self-hosted web application. With Certera, you can centralize all of your LE certificates and keys, monitor certificates and receive notifications for cert changes and expirations. It will also help you stay within LE quota limits. Check out the docs for more details and screenshots. It’s currently in beta as I’m looking for folks to start using and provide some feedback.
I created this because I had been using various ACME clients and occasionally a change here and there could cause things to break. Or, a cert would be on a system that I didn’t know about and the cert would expire without any one knowing about it. The biggest driver was making it simpler to use LE certs behind load balancers since Certera separates acquiring certificates and applying them. The idea is that you use Certera to acquire certificates, then use the API provided to retrieve the certs and keys to apply them. Currently, it only works with HTTP-01 validation (and redirects). I’m planning on adding DNS-01 validation and some hooks to make certificate automation much better when it comes to client certificates (i.e. rotating SSO certificates or certificates used for securing endpoints).
Some principles I’ve tried to follow while building this:
- Perpetual license only. I’m kind of burned out with subscriptions.
Thanks for reading and let me know what you think!