python-certifi - (Python Distribution) A carefully curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the identity of TLS hosts

•    Python

---

Certifi is a carefully curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the identity of TLS hosts. It has been extracted from the Requests project. Browsers and certificate authorities have concluded that 1024-bit keys are unacceptably weak for certificates, particularly root certificates. For this reason, Mozilla has removed any weak (i.e. 1024-bit key) certificate from its bundle, replacing it with an equivalent strong (i.e. 2048-bit or greater key) certificate from the same CA. Because Mozilla removed these certificates from its bundle, certifi removed them as well.

hyperfox - HTTP/HTTPs MITM proxy and traffic recorder with on-the-fly TLS cert generation.

•    Go

---

Hyperfox is a security tool for proxying and recording HTTP and HTTPs communications on a LAN. Hyperfox is capable of forging SSL certificates on the fly if you provide it with a root CA certificate and its corresponding key. If the target machine recognizes the root CA as trusted, then HTTPs traffic can be successfully decrypted, intercepted and recorded.

pem - Create private keys and certificates with node.js

•    Javascript

---

Here are some examples for creating an SSL key/cert on the fly, and running an HTTPS server on port 443. 443 is the standard HTTPS port, but requires root permissions on most systems. To get around this, you could use a higher port number, like 4300, and use https://localhost:4300 to access your server. Please have a look into the API documentation.

certificate csr certificate-signing-request tls-certificate tls signing pem ssl-certificate ssl nodejs signing-certificates

Lego - Let's Encrypt client and ACME library

•    Go

---

Let's Encrypt client and ACME library written in Go.

letsencrypt acme certificate security letsencrypt-client

gorush - A push notification server written in Go (Golang).

•    Go

---

A push notification micro server using Gin framework written in Go (Golang).

push-notification ios-notification notification-server android gcm gorush-server apns ios-alert-payload ios messaging pub-sub message-queue

rancher-letsencrypt - :cow: Rancher service that obtains and manages free SSL certificates from the Let's Encrypt CA

•    Go

---

A Rancher service that obtains free SSL/TLS certificates from the Let's Encrypt CA, adds them to Rancher's certificate store and manages renewal and propagation of updated certificates to load balancers. If using the HTTP challenge, a reverse proxy that routes example.com/.well-known/acme-challenge to rancher-letsencrypt.

rancher certificate letsencrypt ssl-certificates dns

Cryptlib - provides Encryption and Authentication Service

•    C

---

cryptlib is a powerful security toolkit that allows even inexperienced crypto programmers to easily add encryption and authentication services to their software. It provides support for S/MIME and PGP/OpenPGP secure enveloping, SSL/TLS and SSH secure sessions, CA services such as CMP, SCEP, RTCS, and OCSP, and other security operations such as secure timestamping.

cryptography encryption s-mime digital-signature security security-library

hotel - :love_hotel: A simple process manager for developers

•    Javascript

---

Tip: if you don't enable local domains, hotel can still be used as a catalog of local servers..localhost replaces .dev local domain and is the new default. See https://ma.ttias.be/chrome-force-dev-domains-https-via-preloaded-hsts/ for context.

process-manager front-end devtools https local local-domain proxy dev devtool domain host localhost manager process server

certificates - 🛡️ An online certificate authority and related tools for secure automated certificate management, so you can use TLS everywhere

•    Go

---

An online certificate authority and related tools for secure automated certificate management, so you can use TLS everywhere. For more information and docs see the Step website and the blog post announcing Step Certificate Authority.

tls x509 certificates security security-tools certificate-authority pki ca

browser - The browser extension vault (Chrome, Firefox, Opera, Edge, Safari, & more).

•    Javascript

---

The Bitwarden browser extension is written using the Chrome Web Extension API and AngularJS. By default the extension is targeting the production API. If you are running the Core API locally, you'll need to switch the extension to target your local instance. Open src/services/api.service.ts and set this.baseUrl and this.identityBaseUrl to your local API instance (ex. http://localhost:5000).

chrome opera firefox webextensions webextension edge bitwarden vivaldi angularjs typescript safari safari-extension

boulder - An ACME-based CA, written in Go.

•    Go

---

This is an implementation of an ACME-based CA. The ACME protocol allows the CA to automatically verify that an applicant for a certificate actually controls an identifier, and allows domain holders to issue and revoke certificates for their domains.Boulder has a Dockerfile to make it easy to install and set up all its dependencies. This is how the maintainers work on Boulder, and is our main recommended way to run it.

boulder acme certificate-authority tls lets-encrypt ca pki certificate security

certmagic - Automatic HTTPS for any Go program: fully-managed TLS certificate issuance and renewal

•    Go

---

CertMagic is the most mature, robust, and capable ACME client integration for Go. With CertMagic, you can add one line to your Go application to serve securely over TLS, without ever having to touch certificates.

https acme letsencrypt automatic-https tls tls-certificate

JaBaCATs: Java Basic C.A. Tools.

•    Java

---

The aim of this project is to create a set of basic java tools for developers who need Certificate Authority (CA) root certificates and user certificates signed by the CA.

local-cert-generator - A set of scripts to quickly generate a HTTPS certificate for your local development environment

•    Shell

---

A set of scripts to quickly generate a HTTPS certificate for your local development environment. Note: You may need to restart your browser to load the newly trusted root certificate correctly.

https ssl-certificate https-certificate

Windows Phone Certificate Installer

•    

---

Helps install Trusted Root Certificates on Windows Phone 7 to enable SSL requests. Intended to allow developers to use localhost web servers during development without requiring the purchase of an SSL certificate. Especially helpful for ws-trust secured web service development.

cert-manager - Automatically provision and manage TLS certificates in Kubernetes

•    Go

---

cert-manager is a Kubernetes add-on to automate the management and issuance of TLS certificates from various issuing sources. It will ensure certificates are valid and up to date periodically, and attempt to renew certificates at an appropriate time before expiry.

kubernetes letsencrypt tls certificate crd

backup-adblockpluschrome - Adblock Plus extension for Google Chrome

•    Javascript

---

This repository contains the platform-specific Adblock Plus source code for Chrome, Opera and Safari. It can be used to build Adblock Plus for these platforms, generic Adblock Plus code will be extracted from other repositories automatically (see dependencies file). This will create a build with a name in the form adblockpluschrome-1.2.3.nnnn.crx or adblockplussafari-1.2.3.nnnn.safariextz. Note that you don't need an existing signing key for Chrome or Opera, a new key will be created automatically if the file doesn't exist. Safari on the other hand always requires a valid developer certificate, you need to get one in the Apple Developer Center first. adblockplussafari.pem should contain the private key for your developer certificate, the developer certificate itself as well as all the certificates it was signed with (Apple's root certificate and intermediate certificates) in PEM format - in that order.

firefox-ios - Firefox for iOS

•    C

---

* Mailing list: [mobile-firefox-dev@mozilla.org](https://mail.mozilla.org/listinfo/mobile-firefox-dev).* Bugs: [File a new bug](https://bugzilla.mozilla.org/enter_bug.cgi?bug_file_loc=http%3A%2F%2F&bug_ignored=0&op_sys=iOS%207&product=Firefox%20for%20iOS&rep_platform=All) • [Existing bugs](https://bugzilla.mozilla.org/describecomponents.cgi?product=Firefox%20for%20iOS)This is a work in progress on some early ideas. Don't get too attached to this code. Tomorrow everything will be dif

EtherAddressLookup - Adds links to strings that look like Ethereum addresses to your favourite blockchain explorer

•    Javascript

---

The blacklists found in this repo serve both the EAL Chrome Extension & MetaMask Chrome Extension. We use a Levenshtein distance algoritm to detect similar URLs, so if you encounter an errounously-blocked website, please add it to the whitelist. The master branch is bundled on every release and pushed to the Chrome & Firefox Extension store, you can view/download it here: https://chrome.google.com/webstore/detail/etheraddresslookup/pdknmigbbbhmllnmgdfalmedcmcefdfn for Chrome, and https://addons.mozilla.org/en-US/firefox/addon/etheraddresslookup/ for Firefox.

ethereum ethereum-address chrome-extension security blacklist

easy-rsa - easy-rsa - Simple shell based CA utility

•    Shell

---

easy-rsa is a CLI utility to build and manage a PKI CA. In laymen's terms, this means to create a root certificate authority, and request and sign certificates, including sub-CAs and certificate revocation lists (CRL). If you are looking for release downloads, please see the releases section on GitHub. Releases are also available as source checkouts using named tags.