zlint
cli
| zlint | cli | |
|---|---|---|
| 3 | 9 | |
| 383 | 3,803 | |
| 1.6% | 1.5% | |
| 8.2 | 9.4 | |
| 5 days ago | 6 days ago | |
| Go | Go | |
| Apache License 2.0 | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
zlint
-
Let's Encrypt Acme API Outage
Yup, the two most popular are:
https://github.com/zmap/zlint
https://github.com/certlint/certlint
They each have their strengths and weaknesses, so CAs are advised to use both.
- zlint: X.509 Certificate Linter focused on Web PKI standards and requirements.
-
Introducing Certomancer: the Python X.509 testing framework.
Can you compare it with https://github.com/zmap/zlint as a cert linter?
cli
-
Setting up a trusted, self-signed SSL/TLS certificate authority in Linux
I previously used openssl-based scripts to generate certificates to use for local development or applications on a private network. I have since moved to using the step CLI [1].
OpenSSL is powerful, but it's hard to figure out how to use correctly. Each command seems cryptic no matter how many times I use it.
The step CLI is a lot simpler, even though it has a few quirks: generating PKCS1 formatted private keys instead of the newer PKCS7 format, making every leaf certificate eligible to be either a server certificate or a client certificate, and absurdly low default certificate expirations.
1: https://github.com/smallstep/cli
-
Google will disable all but OAuth for IMAP, SMTP and POP starting Sept. 30
https://github.com/smallstep/cli implements some OAuth flows from the CLI, it may be helpful for you.
- Running one’s own root Certificate Authority in 2023
- Uacme: ACMEv2 client written in plain C with minimal dependencies
-
OpenSSL as a GUI
Is the according command line tool (https://github.com/smallstep/cli) from smallstep free and behind this GUI?
-
If you’re not using SSH certificates you’re doing SSH wrong
And they have an open issue for producing a chocolatey package: https://github.com/smallstep/cli/issues/365
-
Should you use Let's Encrypt for internal hostnames?
I'm biased because I'm the founder of the company, but you should check out the certificate management toolchain (CA[1] and CLI[2]) we've built at smallstep. A big focus of the project is human-friendliness. It's not perfect (yet) but I think we've made some good progress.
We also have a hosted option[3] with a free tier that should work for individuals, homelabs, pre-production, and even small production environments. We've started building out a management UI there, and it does map to the CLI as you've described :).
[1] https://github.com/smallstep/certificates
[2] https://github.com/smallstep/cli
[3] https://smallstep.com/certificate-manager/
-
SSH Keys How Are You Managing Them All?
https://github.com/smallstep/cli is pretty amazing, tbh. Documentation is just as stellar!
-
Recommend: Linux-Equivalent Tool of mkcert
https://github.com/smallstep/cli may be a bit overkill for your needs, but it's an epic toolkit and well worth checking out!
What are some alternatives?
certomancer - Quickly construct, mock & deploy PKI test configurations using simple declarative configuration.
slips - SatoshiLabs Improvement Proposals
certlint - X.509 certificate linter
getssl - obtain free SSL certificates from letsencrypt ACME server Suitable for automating the process on remote servers.
certificate-transparency - Auditing for TLS certificates.
jose-jwt - Ultimate Javascript Object Signing and Encryption (JOSE), JSON Web Token (JWT) and Json Web Keys (JWK) Implementation for .NET and .NET Core