Search Results for "certificate"
Sort By:
Showing 367 open source projects for "certificate"
View related business solutions-
Gen AI apps are built with MongoDB AtlasMongoDB Atlas is the developer-friendly database used to build, scale, and run gen AI and LLM-powered apps—without needing a separate vector database. Atlas offers built-in vector search, global availability across 115+ regions, and flexible document modeling. Start building AI apps faster, all in one place.
-
GWI: On-demand Consumer ResearchNeed easy access to consumer insights? Our intuitive platform is the answer. Get the ultra-reliable research that brands and agencies need to stay ahead of changing consumer behavior.
-
1
Certificate Ripper
A CLI tool to extract server certificates
...No openssl required runs on any Operating System. It can be used with or without Java, native executables are present in the releases. Extracts all the sub-fields of the certificate. Certificates can be formatted to PEM format. Bulk extraction of multiple different URLs with a single command is possible. Extracted certificates can be stored automatically in a p12 trust store. Works also behind a proxy. -
2
Certificate Transparency Go
Auditing for TLS certificates (Go code)
certificate-transparency-go is a Go codebase for building and interacting with Certificate Transparency (CT) systems, from low-level parsing to full log operation. It includes forked ASN.1 and X.509 packages tailored to accept and analyze real-world certificates, including pre-certificates that stricter libraries would reject, supporting CT’s role as an ecosystem observatory. -
3
Step Certificates
A private certificate authority (X.509 & SSH) & ACME server
Open Source step-ca provides the infrastructure, automations, and workflows to securely create and operate a private certificate authority. step-ca makes it easy for developers, operators and security teams to manage certificates for production workloads. Get a public key infrastructure and certificate authority running in minutes. Automate enrollment using ACME, OIDC, one-time tokens, cloud APIs and more. Use systemD timers, daemon mode, cron jobs, CI/CD, and more to automate certificate management. ... -
4
Proxyee
HTTP proxy server,support HTTPS & websocket
Proxyee is a JAVA-written HTTP proxy server library that supports HTTP, HTTPS, and WebSocket protocols, and supports MITM (Man-in-the-middle), which can capture and tamper with HTTP, and HTTPS packets. The CA certificate (src/resources/ca.crt) from the project needs to be imported to a trusted root certificate authority. The CA certificate (src/resources/ca.crt) from the project needs to be imported to a trusted root certificate authority. You can use the CertDownIntercept interceptor to enable the web certificate download feature. -
The Apple Device Management and Security PlatformAchieve harmony across your Apple device fleet with Kandji's unmatched management and security capabilities.
-
5
Certbot
Get free HTTPS certificates forever from Let's Encrypt
Certbot is a fully-featured, easy-to-use, extensible client for the Let's Encrypt CA. It fetches a digital certificate from Let’s Encrypt, an open certificate authority launched by the EFF, Mozilla, and others. This certificate then lets browsers verify the identity of web servers and ensures secure communication over the Web. Obtaining and maintaining a certificate is usually such a hassle, but with Certbot and Let’s Encrypt it becomes automated and hassle-free. ... -
6
cert-manager
Automatic TLS certificate manager for Kubernetes
Automate certificate management in cloud native environments. Cert-manager builds on top of Kubernetes, introducing certificate authorities and certificates as first-class resource types in the Kubernetes API. This makes it possible to provide 'certificates as a service' to developers working within your Kubernetes cluster. upport for popular CA types. -
7
Boulder
An ACME-based certificate authority, written in Go
...The Registration Authority can live without Internet connectivity, but still needs to talk to the Web Front End and Validation Authority. The Certificate Authority need only receive instructions from the Registration Authority. All components talk to the SA for storage. Internally, the logic of the system is based around five types of objects: accounts, authorizations, challenges, orders (for ACME v2) and certificates. -
8
CFSSL
Cloudflare's PKI and TLS toolkit
...You can set the GOOS and GOARCH environment variables to have Go cross compile for alternative platforms; however, cfssl requires cgo, and cgo requires a working compiler toolchain for the target platform. The csr is the client's certificate request. The -ca and -ca-key flags are the CA's certificate and private key, respectively. By default, they are ca.pem and ca_key.pem. The -hostname is a comma separated hostname list that overrides the DNS names and IP address in the certificate SAN extension. -
9
eCapture
Capturing SSL/TLS plaintext without a CA certificate using eBPF
Capture SSL/TLS text content without a CA certificate using eBPF. Supports Linux/Android kernel versions x86_64 4.18 and above, aarch64 5.5 and above. Does not support Windows and macOS systems. -
Peer to Peer Recognition Brings Teams TogetherCreate a positive and energetic workplace environment with Motivosity, an innovative employee recognition and engagement platform. With Motivosity, employees can give each other small monetary bonuses for doing great things, promoting trust, collaboration, and appreciation in the workplace. The software solution comes with features such as an open-currency open-reward system, insights and analytics, dynamic organization chart, award programs, milestones, and more.
-
10
SideStore
SideStore is a fork of AltStore that doesn't require an AltServer
...SideStore is an iOS application that allows you to sideload apps onto your iOS device with just your Apple ID. SideStore resigns apps with your personal development certificate and then uses a specially designed VPN in order to trick iOS into installing them. SideStore will periodically "refresh" your apps in the background, to keep their normal 7-day development period from expiring. SideStore's goal is to provide an untethered sideloading experience. It's a community-driven fork of AltStore, and has already implemented some of the community's most-requested features. ... -
11
go-mitmproxy
mitmproxy implemented with golang
...Parses HTTP/HTTPS traffic and displays traffic details via a web interface. Supports a plugin mechanism for easily extending functionality. Various event hooks can be found in the examples directory. HTTPS certificate handling is compatible with mitmproxy and stored in the ~/.mitmproxy folder. If the root certificate is already trusted from the previous use of mitmproxy, go-mitmproxy can use it directly. Map Remote and Map Local support. -
12
FreeRDP
FreeRDP is a free remote desktop protocol library and clients
...Network tracing of RDP can be quite a challenge due to a number of factors such as encryption, compression, and the fact that these protocol features cannot always be disabled or worked around. One of the easiest way of decrypting RDP traffic is to configure the server with a self-signed certificate for which the private key is known, and then use this certificate with a network tracing tool to automatically decrypt the packets. -
13
apk-mitm
Application that automatically prepares Android APK files for HTTPS
Inspecting a mobile app's HTTPS traffic using a proxy is probably the easiest way to figure out how it works. However, with the Network Security Configuration introduced in Android 7 and app developers trying to prevent MITM attacks using certificate pinning, getting an app to work with an HTTPS proxy has become quite tedious. -
14
Infisical
Infisical is the open-source platform for secrets management, PKI
Infisical is an open-source, all-in-one platform for managing secrets, certificates, and privileged access. It delivers modern security workflows like secrets rotation, dynamic credentials, role-based access control, and SSH certificate-based access—tailored for development and infrastructure teams. Manage secrets across projects and environments (e.g. development, production, etc.) through a user-friendly interface. Sync secrets to platforms like GitHub, Vercel, AWS, and use tools like Terraform, Ansible, and more. Keep track of every secret and project state; roll back when needed. ... -
15
TrustKit
Easy SSL pinning validation and reporting for iOS, macOS, tvOS
...The policy settings are heavily based on the HTTP Public Key Pinning specification. Sane implementation by pinning the certificate's Subject Public Key Info, as opposed to the certificate itself or the public key bits. Reporting mechanism to notify a server about pinning validation failures happening within the App, when an unexpected certificate chain is detected. This is similar to the report-uri directive described in the HPKP specification. The reporting mechanism can also be customized within the App by leveraging pin validation notifications sent by TrustKit. -
16
AWS IoT Device SDK for Python
SDK for connecting to AWS IoT from a device using Python
...The SDK is built on top of a modified Paho MQTT Python client library. Developers can choose from two types of connections to connect to AWS IoT. For MQTT over TLS (port 8883 and port 443), a valid certificate and a private key are required for authentication. For MQTT over the WebSocket protocol (port 443), a valid AWS Identity and Access Management (IAM) access key ID and secret access key pair are required for authentication. -
17
Santa
A binary authorization system for macOS
Santa is a binary authorization system for macOS, aptly named since its main purpose is to keep track of binaries that are either naughty or nice. Santa is made up of a kernel extension (or a system extension on macOS 10.15+) that monitors and participates in execve() decisions, a userland daemon that makes the execution decisions, a GUI agent that shows notifications when an execve() is blocked, and a command-line utility that oversees system management and the synchronization of database... -
18
Caddy
Powerful, enterprise-ready, open source web server w/ automatic HTTPS
Caddy is a powerful, extensible, enterprise-ready server platform that uses TLS by default. Everything you would require in your infrastructure, from TLS certificate renewals and OCSP stapling, to reverse proxying and ingress, Caddy simplifies it all. Its modular architecture lets you do more with just a single static binary that compiles for any platform. Caddy is the only web server that uses HTTPS automatically and by default. It automatically renews TLS certificates, staples OCSP responses and more. ... -
19
Setup IPsec VPN
Scripts to build your own IPsec VPN server with IPsec/L2TP
...It is designed for simplicity—requiring only a single command to set up, with randomly generated secure credentials created during installation. The repository also provides helper scripts for user and certificate management, client configuration files for major platforms, and support for deploying on popular Linux distributions and public cloud services. -
20
dehydrated
letsencrypt/acme client implemented as a shell-script
letsencrypt/acme client implemented as a shell-script, just add water. Dehydrated is a client for signing certificates with an ACME-server (e.g. Let’s Encrypt or ZeroSSL) implemented as a relatively simple bash script. It uses the OpenSSL utility for everything related to actually handling keys and certificates, so you need to have that installed. Other dependencies are cURL, sed, grep, mktemp (all found on almost any system, cURL being the only exception). Please keep in mind that this... -
21
V2Ray-Agent
Xray, Tuic, hysteria2, sing-box
An all-in-one V2Ray/Xray agent script to automate proxy server deployment on Linux. Supports multiple protocols (VLESS, VMess, Shadowsocks, WireGuard), automatic certificate generation, CDN node management, and multi-VPS subscription configurations—often used for network optimization or censorship circumvention. -
22
Laravel Packager
A cli tool for creating Laravel packages
This package provides you with a simple tool to set up a new package and it will let you focus on the development of the package instead of the boilerplate. If you do run the package on Laravel 5.5+, package auto-discovery takes care of the magic of adding the service provider. Be aware that the auto-discovery also means that this package is loaded in your production environment. -
23
Amazon EKS Pod Identity Webhook
Amazon EKS Pod Identity Webhook
This webhook is for mutating pods that will require AWS IAM access. After version v0.3.0, --in-cluster=true no longer works and is deprecated. Please use --in-cluster=false and manage the cluster certificate with a cert-manager or some other external certificate provisioning system. This is because certificates using the legacy-unknown signer are no longer signed when using the v1 certificates API. Create an OIDC provider in IAM for your cluster. You can find the OIDC discovery endpoint by describing your EKS cluster. Create an IAM role for your pods and modify the trust policy to allow your pod's service account to use the role. ... -
24
Trillian
A transparent, highly scalable and cryptographically verifiable data
...The system is designed for horizontal scale with gRPC APIs, enabling multiple frontends and sequencers to operate over a shared backend. Common use cases include certificate transparency, package registries, and audit logs where public verifiability or tamper evidence is required. Trillian exposes both “log” and “map” primitives so developers can choose between append-only timelines or verifiable dictionaries depending on their data model. By making verification independent of trust in the operator, trillian helps build systems that are auditable by external parties. -
25
Syncthing
Open Source Continuous File Synchronization
Syncthing is an open source continuous file synchronization program, which essentially works by synchronizing files between two or more computers in real time. Syncthing is designed to first and foremost keep users’ data safe and protected against data loss and against attackers who would unlawfully try and access this data. It doesn’t store data anywhere else except on your computers and uses encryption to secure all your data. It is very easy to use, cross-platform and automatic. As such,...