Certrust is an open-source, self-hosted Local SSL Certificate Manager designed to simplify the management of SSL certificates for local development environments. It empowers developers and system administrators to create and manage certificate authorities, generate SSL certificates, and streamline certificate renewal processes. Certrust is built on top of the OpenSSL library, ensuring robust security practices.
-
Certificate Authority Management: Easily create and manage root authorities and sub-authorities to issue SSL certificates for your local domains.
-
Certificate Generation: Generate SSL certificates for your local domains using the authorities you've created.
-
Certificate Renewal (Work in progress): Automate certificate renewal processes to ensure continuous SSL security.
-
Docker Integration: Certrust is Docker-ready, making it convenient for users to self-host the service without complicated setup procedures.
-
Web Application: The Certrust web app is built using Laravel, providing a user-friendly interface for managing certificates and authorities.
- Docker & Docker-compose.
- Git.
With official images. (recommended)
Here is a docker-compose example to get you started quickly.
services:
api:
image: iceish/certrust:api-v0.1.0-beta
container_name: ct-certrust-api
tty: true
environment:
SERVICE_NAME: api
SERVICE_TAGS: dev
working_dir: /var/www/html
networks:
- net-certrust
client:
image: iceish/certrust:client-v0.1.0-beta
container_name: ct-certrust-client
networks:
- net-certrust
database:
image: mariadb:11.1.2
container_name: ct-certrust-database
environment:
MYSQL_ROOT_PASSWORD: root
MYSQL_DATABASE: certrust
MYSQL_USER: certrust
MYSQL_PASSWORD: certrust
healthcheck:
test: [ "CMD", "healthcheck.sh", "--su-mysql", "--connect", "--innodb_initialized" ]
interval: 10s
timeout: 5s
retries: 3
volumes:
- vol-certrust-database:/var/lib/mysql
networks:
- net-certrust
webserver:
image: iceish/certrust:webserver
container_name: ct-certrust-webserver
depends_on:
api:
condition: service_started
client:
condition: service_started
database:
condition: service_healthy
tty: true
ports:
- 80:80
networks:
- net-certrust
networks:
net-certrust:
volumes:
vol-certrust-database:
With source code.
-
Clone the Repository: Begin by cloning this repository to your local machine:
git clone https://github.com/Iceish/certrust.git -b stable cd certrust/
-
Configure your environment:
-
In the Api folder, copy the
.env.example
file to.env.production
and update the environment variables to match your configuration.cd api/ cp .env.example .env.production vim .env.production cd ../
-
In the docker-compose.prod.yml file (in the root folder), update the environment variables to match your configuration.
vim docker-compose.prod.yml
-
-
Start Certrust: Start Certrust using Docker Compose:
docker-compose -f docker-compose.prod.yml up -d
-
Initialize the app: Certrust needs to initialize the app for the first time. Run the following command:
docker-compose -f docker-compose.prod.yml exec api ./certrust-cli.sh init
-
Access the App: Once the containers are up and running, access the Certrust app through your browser by visiting http://localhost/.
See api/ for more information about Laravel API.
See web/ for more information about Svelte-kit Web UI.
To keep a track of our progress, we maintain a roadmap for the project. The roadmap contains a list of features that we are currently working on and features that we plan to work on in the future.
- See ROADMAP.md for more information about incoming changes.
Certrust is an open-source project, and we welcome contributions from the community. Here's how you can get involved:
-
Open Issues: If you encounter issues or have ideas for enhancements, please open an issue to share your feedback.
-
Pull Requests: Contribute to the project by submitting pull requests. Follow our contribution guidelines and coding standards.
-
Spread the Word: If you find Certrust useful, help us reach more users by sharing it with your network.
Check out our contributing guidelines for more information.
Certrust is released under the GPL-3.0 License. You are free to use, modify, and distribute the software in accordance with the terms of the GPL-3.0 license.
Certrust is in its early stages, and there are numerous possibilities for future development and improvement. Your contributions and feedback will help shape the project's evolution. Together, we can create a powerful tool for SSL certificate management in local development environments.