I wrote a Let's Encrypt certificate agent

I’m not sure if here is the right place to share my work, if it’s not, please remove my post and I do apologize for it.

I see there are several ACME clients for Let’s Encrypt, however, I think there should be a more intuitive tool for issuing certificate. So I wrote a tool to do that and everyone can use it for free.

You can find it https://ssl.md

Again, I do not want to post ADs, but just share my work, if here is not the right place, please remove it, thanks.

Would you care to share a little information about your “certificate agent” ? The website has zero information.

The website is running a PHP ACME client and a NS server. It helps users to issue certificate with DNS challenge. This agent is more like a certificate management, users can issue certificate, upload CSR, generate CSR online. Also, expiry date for every certificate is provided. This agent makes Let’s Encrypt CA issuing certificate more like a traditional CA, the user verify the domain ownership, and the certificate will be sent to their email.

@Sneezry, we’ve had some discussions about concerns with designs where the agent knows the user’s private keys. Are you generating the private key or asking the user to upload it, or are you generating these in-browser, or are you having the user generate a CSR?

User can issue a certificate by uploading a CSR, and I also give them a choice to generate it online. The private key is generated on the server side, and they must check I understand I shouldn't use online-generated CSR for production to generate CSR with my server. I also give them a notice:

Normally, you should always generate CSR by yourself to make sure your certificate is safe.

However, if you don't want to make issuing certificate complicated for testing host, we'd like to generate it for you.

Please note: You should never use an online-generated CSR for production.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.