45 projects
cert-manager
cert-manager is a Kubernetes add-on to automate the management and issuance of TLS certificates from various issuing sources.
7,757
2,734
$32M
Certbot
Certbot is EFF's tool to obtain certs from Let's Encrypt and (optionally) auto-enable HTTPS on your server. It can also act as a client for any other CA that uses the ACME protocol.
6,934
2,086
$2.4M
acme.sh
An ACME protocol client tool written in pure Shell (Unix shell) script language to automatically issue & renew free SSL certificates from Let's Encrypt and other ACME protocol-based Certificate Authorities
5,003
917
$1.5M
Sigstore
sigstore empowers software maintainers to easily sign software artifacts and store those artifacts into a production grade public transparency log.
2,109
649
$18M
Lego
Lego is a Let's Encrypt client and ACME library written in Go, enabling automated certificate management and integration with various DNS providers for domain validation
2,072
730
$5M
Mbed TLS
Mbed TLS is an open source, portable, easy to use, readable and flexible SSL/TLS library that implements cryptographic primitives and X.509 certificate handling. It provides a comprehensive implementation of the TLS and SSL protocols, along with various cryptographic algorithms and helper functions.
2,024
439
$3.6M
Bouncy Castle Crypto Package for Java
Bouncy Castle is a cryptography library providing implementations of cryptographic algorithms and protocols for Java. It includes support for encryption/decryption, digital signatures, certificate handling, TLS, and other security-related functionality.
1,772
326
$38M
SOPS
SOPS (Secrets OPerationS) is an editor in the form of a command-line tool and SDK designed to help manage encrypted files in a variety of structured (YAML, JSON, ENV, INI) and BINARY formats using a one of the supported Key Management Systems (KMS), PGP, or age.
1,696
747
$978K
Infisical
Infisical is an open-source secrets management platform that enables secure storage, management, and synchronization of environment variables and secrets across development teams and cloud infrastructure. It provides end-to-end encryption, access controls, and integrations with various development tools and cloud services.
1,621
451
$26M
OpenSC
OpenSC is an open-source project that provides tools and libraries for working with smart cards and security tokens. It enables secure authentication, digital signatures, and encryption using smart cards through a standardized PKCS#11 interface and native APIs.
1,585
360
$8.4M
phpseclib
phpseclib is a pure PHP implementation of various cryptographic and security protocols, providing secure communications and data encryption capabilities. It includes implementations of SSH, SFTP, X.509, RSA, AES and other cryptographic standards, designed to be a secure and portable alternative to OpenSSL.
1,374
315
$2.2M
Forge
Forge is a native implementation of TLS (and various other cryptographic tools) in JavaScript that provides a comprehensive set of cryptographic functions for use in web applications. It supports digital signatures, encryption, message digests, and various other cryptographic operations.
1,171
346
$1.3M
OpenPGP.js
OpenPGP implementation for JavaScript
1,090
332
$2.1M
Botan
Botan is a cryptography library written in C++11 that provides a comprehensive set of cryptographic algorithms, protocols, and tools. It includes implementations of TLS, X.509 certificates, AEAD modes, hash functions, public key cryptography, and various other cryptographic primitives.
949
190
$180K
step-ca
🛡️ A private certificate authority (X.509 & SSH) & ACME server for secure automated certificate management, so you can use TLS everywhere & SSO for SSH.
900
246
$4.3M
tpm2-tools
The source repository for the Trusted Platform Module (TPM2.0) tools
726
147
$2.5M
MimeKit
A .NET MIME creation and parser library with support for S/MIME, PGP, DKIM, TNEF and Unix mbox spools.
721
106
$15M
Portable OpenSSH
Portable OpenSSH
710
233
$5.2M
Bouncy Castle Cryptography Library for .NET
A comprehensive cryptography library for the .NET platform that provides implementations of various cryptographic algorithms, protocols, and standards. It is a C# port of the Bouncy Castle Java cryptography APIs.
601
105
$22M
TPM2 Software Stack
OSS implementation of the TCG TPM2 Software Stack (TSS2)
595
113
$5.7M
FreeIPA
FreeIPA is an integrated security information management solution combining Linux (389) Directory Server, MIT Kerberos, NTP, DNS, and Dogtag certificate system. It provides centralized authentication, authorization and account information by storing data about users, groups, hosts and other objects necessary to manage the security aspects of a network of computers.
524
76
$26M
Apache MINA SSHD
Apache MINA sshd is a comprehensive Java library for client- and server-side SSH.
488
79
$5.6M
Heimdal
Heimdal
440
101
$31M
libp11
PKCS#11 wrapper library
402
99
$499K
Certifi
Certifi is a Python package that provides a curated collection of Root Certificates for validating the trustworthiness of SSL/TLS certificates while verifying HTTPS connections. It bundles Mozilla's root certificate store into a format that can be easily consumed by Python applications.
337
143
$8K
RustCrypto Formats
Cryptography-related format encoders/decoders: DER, PEM, PKCS, PKIX
328
123
$3.2M
CertMagic
CertMagic is a Go library that provides automatic HTTPS certificate management and renewal using Let's Encrypt. It handles certificate issuance, renewal, and storage with built-in replication and cross-platform support.
280
122
$272K
Dogtag PKI
The Dogtag Certificate System is an enterprise-class Certificate Authority (CA) which supports all aspects of certificate lifecycle management, including key archival, OCSP and smartcard management.
250
40
$26M
Certificate Transparency Go
Auditing for TLS certificates (Go code)
227
77
$2M
Digital Signature Service
Digital Signature Service : creation, extension and validation of advanced electronic signatures
193
13
$52M
OpenXPKI
OpenXPKI is an enterprise-grade PKI/certificate management system that provides a flexible and secure infrastructure for managing digital certificates, keys, and PKI operations. It supports various certificate authorities, HSM integration, and automated certificate lifecycle management.
72
4
$4.2M
EasyRSA
easy-rsa - Simple shell based CA utility
GnuTLS
Mirror of official gnutls repository
Lemur Certificate Manager
Repository for the Lemur Certificate Manager
check_ssl_cert
A shell script (that can be used as a Nagios/Icinga plugin) to check an SSL/TLS connection.
letsencrypt-boulder-acme-go-ca
An ACME-based certificate authority, written in Go.
testssl.sh
Testing TLS/SSL encryption anywhere on any port
webpki
WebPKI X.509 Certificate Validation in Rust