Search projects, repositories...

⇧+K

Public Key Infrastructure Tools

Software for managing digital certificates, keys, and PKI operations.

45 projects

45,441 contributors

$348M

Most contributors

cert-manager

cert-manager is a Kubernetes add-on to automate the management and issuance of TLS certificates from various issuing sources.

Contributors

7,757

Organizations

2,734

Software value

$32M

Certbot

Certbot is EFF's tool to obtain certs from Let's Encrypt and (optionally) auto-enable HTTPS on your server. It can also act as a client for any other CA that uses the ACME protocol.

Contributors

6,934

Organizations

2,086

Software value

$2.4M

acme.sh

An ACME protocol client tool written in pure Shell (Unix shell) script language to automatically issue & renew free SSL certificates from Let's Encrypt and other ACME protocol-based Certificate Authorities

Contributors

5,003

Organizations

917

Software value

$1.5M

Sigstore

sigstore empowers software maintainers to easily sign software artifacts and store those artifacts into a production grade public transparency log.

Contributors

2,109

Organizations

649

Software value

$18M

Lego

Lego is a Let's Encrypt client and ACME library written in Go, enabling automated certificate management and integration with various DNS providers for domain validation

Contributors

2,072

Organizations

730

Software value

$5M

Mbed TLS

Mbed TLS is an open source, portable, easy to use, readable and flexible SSL/TLS library that implements cryptographic primitives and X.509 certificate handling. It provides a comprehensive implementation of the TLS and SSL protocols, along with various cryptographic algorithms and helper functions.

Contributors

2,024

Organizations

439

Software value

$3.6M

Bouncy Castle Crypto Package for Java

Bouncy Castle is a cryptography library providing implementations of cryptographic algorithms and protocols for Java. It includes support for encryption/decryption, digital signatures, certificate handling, TLS, and other security-related functionality.

Contributors

1,772

Organizations

326

Software value

$38M

SOPS

SOPS (Secrets OPerationS) is an editor in the form of a command-line tool and SDK designed to help manage encrypted files in a variety of structured (YAML, JSON, ENV, INI) and BINARY formats using a one of the supported Key Management Systems (KMS), PGP, or age.

Contributors

1,696

Organizations

747

Software value

$978K

Infisical

Infisical is an open-source secrets management platform that enables secure storage, management, and synchronization of environment variables and secrets across development teams and cloud infrastructure. It provides end-to-end encryption, access controls, and integrations with various development tools and cloud services.

Contributors

1,621

Organizations

451

Software value

$26M

OpenSC

OpenSC is an open-source project that provides tools and libraries for working with smart cards and security tokens. It enables secure authentication, digital signatures, and encryption using smart cards through a standardized PKCS#11 interface and native APIs.

Contributors

1,585

Organizations

360

Software value

$8.4M

phpseclib

phpseclib is a pure PHP implementation of various cryptographic and security protocols, providing secure communications and data encryption capabilities. It includes implementations of SSH, SFTP, X.509, RSA, AES and other cryptographic standards, designed to be a secure and portable alternative to OpenSSL.

Contributors

1,374

Organizations

315

Software value

$2.2M

Forge

Forge is a native implementation of TLS (and various other cryptographic tools) in JavaScript that provides a comprehensive set of cryptographic functions for use in web applications. It supports digital signatures, encryption, message digests, and various other cryptographic operations.

Contributors

1,171

Organizations

346

Software value

$1.3M

OpenPGP.js

OpenPGP implementation for JavaScript

Contributors

1,090

Organizations

332

Software value

$2.1M

Botan

Botan is a cryptography library written in C++11 that provides a comprehensive set of cryptographic algorithms, protocols, and tools. It includes implementations of TLS, X.509 certificates, AEAD modes, hash functions, public key cryptography, and various other cryptographic primitives.

Contributors

949

Organizations

190

Software value

$180K

step-ca

🛡️ A private certificate authority (X.509 & SSH) & ACME server for secure automated certificate management, so you can use TLS everywhere & SSO for SSH.

Contributors

900

Organizations

246

Software value

$4.3M

tpm2-tools

The source repository for the Trusted Platform Module (TPM2.0) tools

Contributors

726

Organizations

147

Software value

$2.5M

MimeKit

A .NET MIME creation and parser library with support for S/MIME, PGP, DKIM, TNEF and Unix mbox spools.

Contributors

721

Organizations

106

Software value

$15M

Portable OpenSSH

Contributors

710

Organizations

233

Software value

$5.2M

Bouncy Castle Cryptography Library for .NET

A comprehensive cryptography library for the .NET platform that provides implementations of various cryptographic algorithms, protocols, and standards. It is a C# port of the Bouncy Castle Java cryptography APIs.

Contributors

601

Organizations

105

Software value

$22M

TPM2 Software Stack

OSS implementation of the TCG TPM2 Software Stack (TSS2)

Contributors

595

Organizations

113

Software value

$5.7M

FreeIPA

FreeIPA is an integrated security information management solution combining Linux (389) Directory Server, MIT Kerberos, NTP, DNS, and Dogtag certificate system. It provides centralized authentication, authorization and account information by storing data about users, groups, hosts and other objects necessary to manage the security aspects of a network of computers.

Contributors

524

Organizations

Software value

$26M

Apache MINA SSHD

Apache MINA sshd is a comprehensive Java library for client- and server-side SSH.

Contributors

488

Organizations

Software value

$5.6M

Heimdal

Contributors

440

Organizations

101

Software value

$31M

libp11

PKCS#11 wrapper library

Contributors

402

Organizations

Software value

$499K

Certifi

Certifi is a Python package that provides a curated collection of Root Certificates for validating the trustworthiness of SSL/TLS certificates while verifying HTTPS connections. It bundles Mozilla's root certificate store into a format that can be easily consumed by Python applications.

Contributors

337

Organizations

143

Software value

$8K

RustCrypto Formats

Cryptography-related format encoders/decoders: DER, PEM, PKCS, PKIX

Contributors

328

Organizations

123

Software value

$3.2M

CertMagic

CertMagic is a Go library that provides automatic HTTPS certificate management and renewal using Let's Encrypt. It handles certificate issuance, renewal, and storage with built-in replication and cross-platform support.

Contributors

280

Organizations

122

Software value

$272K

Dogtag PKI

The Dogtag Certificate System is an enterprise-class Certificate Authority (CA) which supports all aspects of certificate lifecycle management, including key archival, OCSP and smartcard management.

Contributors

250

Organizations

Software value

$26M

Certificate Transparency Go

Auditing for TLS certificates (Go code)

Contributors

227

Organizations

Software value

$2M

Digital Signature Service

Digital Signature Service : creation, extension and validation of advanced electronic signatures

Contributors

193

Organizations

Software value

$52M

OpenXPKI

OpenXPKI is an enterprise-grade PKI/certificate management system that provides a flexible and secure infrastructure for managing digital certificates, keys, and PKI operations. It supports various certificate authorities, HSM integration, and automated certificate lifecycle management.

Contributors

Organizations

Software value

$4.2M