cert-gen VS acme-dns

Compare cert-gen vs acme-dns and see what are their differences.

acme-dns

Limited DNS server with RESTful HTTP API to handle ACME DNS challenges easily and securely. (by joohoi)
SaaSHub - Software Alternatives and Reviews
SaaSHub helps you find the best software and product alternatives
www.saashub.com
featured
cert-gen acme-dns
1 39
91 2,134
- -
0.0 0.0
almost 2 years ago 4 months ago
Shell Go
MIT License MIT License
The number of mentions indicates the total number of mentions that we've tracked plus the number of user suggested alternatives.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.

cert-gen

Posts with mentions or reviews of cert-gen. We have used some of these posts to build our list of alternatives and similar projects. The last one was on 2021-03-23.
  • A safer default for navigation: HTTPS
    8 projects | news.ycombinator.com | 23 Mar 2021
    > I wish there was a solution for those of us who develop web interfaces for embedded products designed to live on LAN

    There almost is! Instead of self signed certificates, use a certificate authority, and install that on the LAN's machines. https://github.com/devilbox/cert-gen

    You can use macOS Server or Active Directory to push out the Certificate as trusted.

    It's not perfect, but it's close enough for a LAN.

acme-dns

Posts with mentions or reviews of acme-dns. We have used some of these posts to build our list of alternatives and similar projects. The last one was on 2024-08-19.
  • Migrating Mess with DNS to Use PowerDNS
    2 projects | news.ycombinator.com | 19 Aug 2024
    Great question. My first pass at the project was looking to conform to the ACME DNS API [1]. There are some tools for cert management that use that API, so it gave me broad tool support with very little effort. The getlocalcert subdomains don't permit user modification of A, MX, or CNAME records on the public DNS; you've got to do that with a private DNS server you provide.

    I may consider extending the service to allow A/AAAA records to private IP ranges, and then I'd need a more full featured API, but this far there hasn't been demand for the feature.

    Hit me up on email if you want to chat more (in profile), we're solving some similar problems.

    [1] https://github.com/joohoi/acme-dns

  • Free DDNS with Cloudflare and a Cronjob
    17 projects | news.ycombinator.com | 26 Jul 2024
    there is also https://github.com/joohoi/acme-dns and LE clients like lego supporting it.
  • Subdomain.center – discover all subdomains for a domain
    4 projects | news.ycombinator.com | 15 Sep 2023
    Getting a wildcard certificate from LE might be a better option, depending on how easy the extra bit of if plumbing is with your lab setup.

    You need to use DNS based domain identification, and once you have a cert distribute it to all your services. The former can be automated using various common tools (look at https://github.com/joohoi/acme-dns, self-hosted unless you are only securing toys you don't really care about, if you self host DNS or your registrar doesn't have useful API access) or you can leave that as an every ~ten weeks manual job, the latter involves scripts to update you various services when a new certificate is available (either pushing from where you receive the certificate or picking up from elsewhere). I have a little VM that holds the couple of wildcard certificates (renewing them via DNS01 and acmedns on a separate machine so this one is impossible to see from the outside world), it pushes the new key and certificate out to other hosts (simple SSH to copy over then restart nginx/Apache/other).

    Of course you may decide that the shin if your own CA is easier than setting all this up, as you can sign long lived certificates for yourself. I prefer this because I don't need to switch to something else if I decide to give friends/others access to something.

  • Easy HTTPS for your private networks
    13 projects | news.ycombinator.com | 10 Jul 2023
  • I've created a solution for managing internal domains, how do I selfhost this more?
    2 projects | /r/selfhosted | 29 May 2023
    As someone else said, it’s a huge pain to run your own dns services. However, if you want some separation, I recently saw https://github.com/joohoi/acme-dns
  • LeGo CertHub v0.9.0 with Docker Support
    13 projects | /r/selfhosted | 13 May 2023
    v0.9.1 is out and natively supports both https://github.com/joohoi/acme-dns and any dns provider available in https://github.com/acmesh-official/acme.sh
  • How do you deal with SSL certs management?
    3 projects | /r/networking | 24 Apr 2023
    I have set up an acme-dns server to answer ACME DNS Challenges: https://github.com/joohoi/acme-dns
  • How to configure and use acme-dns?
    3 projects | /r/selfhosted | 22 Mar 2023
  • What is a good alternative if port 80 is blocked?
    2 projects | /r/selfhosted | 9 Feb 2023
    The DNS challenge can be easily automated using https://github.com/joohoi/acme-dns - you do need an IP you can run a DNS server on though.
  • Setting up ssl on AGH
    1 project | /r/Adguard | 9 Oct 2022
    If your server is not accessible over the internet, you can still use Let's Encrypt or ZeroSSL to get a certificate. You'll just need to set up a DNS Challenge for things to work. This is a little more complicated, but can work even if your DNS provider doesn't have an API. For example, I use Google Domains and Google DNS (not cloud DNS) for my DNS server, but I've got an instance of acme-dns running on VPS box that handles the DNS auth for me. It's how every machine on my local network has valid certificates - but I annoyingly need to renew them every 90 days.

What are some alternatives?

When comparing cert-gen and acme-dns you can also consider the following projects:

servercert - Repository for the CA/Browser Forum Server Certificate Chartered Working Group

Nginx Proxy Manager - Docker container for managing Nginx proxy hosts with a simple, powerful interface

devcert - Local HTTPS development made easy

lego - Let's Encrypt/ACME client and library written in Go

devcert-cli - A CLI wrapper for devcert, to manage development SSL/TLS certificates and domains

duckdns - Caddy module: dns.providers.duckdns

docker-swag - Nginx webserver and reverse proxy with php support and a built-in Certbot (Let's Encrypt) client. It also contains fail2ban for intrusion prevention.

acme-dns-server - Simple DNS server for serving TXT records written in Python

acme.sh - A pure Unix shell script implementing ACME client protocol

dehydrated - letsencrypt/acme client implemented as a shell-script – just add water

cfssl - CFSSL: Cloudflare's PKI and TLS toolkit

LetsEncrypt-PRTG - Post request script to install an SSL certificate obtained with Certify the Web or win-acme in PRTG.

SaaSHub - Software Alternatives and Reviews
SaaSHub helps you find the best software and product alternatives
www.saashub.com
featured