Top 22 Go Certificate Projects

Certificate

• Add a project

1. Gravitational Teleport

   1 66 18,723 10.0 Go

   The easiest, and most secure way to access and protect all of your infrastructure.

   

   Project mention: Ask HN: Who is hiring? (May 2025) | news.ycombinator.com | 2025-05-01

   Teleport (YC S15) | Backend and Fullstack Engineers | US, Toronto, London, Remote OK | https://goteleport.com

   Do you enjoy building security and deployment tools for other engineers? Join us to hack on https://github.com/gravitational/teleport. Most of our code is Go, we have very little technical debt, our codebase is clean and small.

   If you are a backend or fullstack engineer, we expect you to be comfortable with the following:

     * Go for backend and Go+TypeScript for fullstack engineers.

2. InfluxDB

   www.influxdata.com featured

   InfluxDB – Built for High-Performance Time Series Workloads. InfluxDB 3 OSS is now GA. Transform, enrich, and act on time series data directly in the database. Automate critical tasks and eliminate the need to move data externally. Download now.

   

3. cert-manager

   2 117 12,926 9.7 Go

   Automatically provision and manage TLS certificates in Kubernetes

   

   Project mention: Using Tigris as a Filesystem | dev.to | 2025-06-24

   Applying the Deployment, Service, and Ingress went off without a hitch. cert-manager minted a new certificate and External DNS set the DNS target for me. All that was left was to make sure it worked.

4. lego

   3 58 8,700 9.2 Go

   Let's Encrypt/ACME client and library written in Go

   

   Project mention: I no longer have an old-school cert on my HTTPS site | news.ycombinator.com | 2025-05-23

   I don't understand the tone of aggression against ACME and their plethora of clients.

   I know it isn't a skill issue because of who the author is. So I can only imagine it is some sort of personal opinion that they dislike ACME as a concept or the tooling around ACME in general.

   We've been using LE for a while (since 2019 I think) for handful of sites, and the best nonsense client _for us_ was https://github.com/do-know/Crypt-LE/releases.

   Then this year we've done another piece of work this time against the Sectigo ACME server and le64 wasn't quite good enough.

   So we ended up trying:-

   - https://github.com/certbot/certbot on GitHub Actions, it was fine but didn't quite like the locked down environment

   - https://github.com/go-acme/lego huge binary, cli was interestingly designed and the maintainer was quite rude when raising an issue

   - https://github.com/rmbolger/Posh-ACME our favourite, but we ended up going with certbot on GHA once we fixed the weird issues around permissions

5. cli

   4 9 3,917 9.3 Go

   🧰 A zero trust swiss army knife for working with X509, OAuth, JWT, OATH OTP, etc. (by smallstep)

   

   Project mention: Setting up a trusted, self-signed SSL/TLS certificate authority in Linux | news.ycombinator.com | 2025-02-17

   I previously used openssl-based scripts to generate certificates to use for local development or applications on a private network. I have since moved to using the step CLI [1].

   OpenSSL is powerful, but it's hard to figure out how to use correctly. Each command seems cryptic no matter how many times I use it.

   The step CLI is a lot simpler, even though it has a few quirks: generating PKCS1 formatted private keys instead of the newer PKCS7 format, making every leaf certificate eligible to be either a server certificate or a client certificate, and absurdly low default certificate expirations.

   1: https://github.com/smallstep/cli

6. certstrap

   5 8 2,366 2.1 Go

   Tools to bootstrap CAs, certificate requests, and signed certificates.

   

7. acmetool

   6 1 2,073 0.0 Go

   :lock: acmetool, an automatic certificate acquisition tool for ACME (Let's Encrypt)

   

8. certigo

   7 5 978 0.0 Go

   A utility to examine and validate certificates in a variety of formats

   

9. Stream

   getstream.io featured

   Stream - Scalable APIs for Chat, Feeds, Moderation, & Video. Stream helps developers build engaging apps that scale to millions with performant and flexible Chat, Feeds, Moderation, and Video APIs and SDKs powered by a global edge network and enterprise-grade infrastructure.

   

10. ssl-proxy

    8 2 755 4.5 Go

    :lock: Simple zero-config SSL reverse proxy with real autogenerated certificates (LetsEncrypt, self-signed, provided)

    

11. cashier

    9 3 721 8.0 Go

    A self-service CA for OpenSSH

    

12. labca

    10 4 442 8.7 Go

    A private Certificate Authority for internal (lab) use, based on the open source ACME Automated Certificate Management Environment implementation from Let's Encrypt (tm).

    

13. sharkey

    11 2 402 5.4 Go

    Sharkey is a service for managing certificates for use by OpenSSH

    

14. gke-managed-certs

    12 1 246 0.0 Go

    Managed Certificates for Kubernetes clusters using GCLB

    

15. nico

    13 1 132 4.2 Go

    A HTTP3 web server for reverse proxy and single page application, automatically apply for ssl certificate, Zero-Configuration. (by txthinking)

    

16. certmaster

    14 4 84 5.7 Go

    Automatically renew certs and install to destinations

    

17. crt

    15 2 69 1.8 Go

    A CLI tool to check Certificate Transparency logs of a domain name. (by cemulus)

    

18. certify

    16 1 45 5.8 Go

    :lock: Create private CA and Issue Certificates without hassle (by nothinux)

    

19. ca-injector

    17 2 31 2.5 Go

    Painlessly use off-the-shelf images (and your own) in your k8s cluster, with custom root CAs.

    

20. sslmgr

    18 0 30 3.7 Go

    A layer of abstraction the around acme/autocert certificate manager (Golang)

    

21. chkcerts

    19 2 27 4.9 Go

    A Go program to display certificate chains simply and quickly with an easy to remember syntax

    

22. devcert

    20 2 12 3.8 Go

    Generate self-signed, trusted certificates for local development. (by primalskill)

    

23. agent

    21 1 2 8.3 Go

    R2 server tools agent (by r2dtools)

    

24. check-cert

    22 1 0 8.9 Go

    Go-based tooling to check/verify certs

    

25. SaaSHub

    www.saashub.com featured

    SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives

    

Go Certificate related posts

• Google says "not a security issue", quickly fixes without attribution

  3 projects | news.ycombinator.com | 4 Jul 2025

• Kubernetes Ingress Controllers: Routing Traffic Made Simple

  1 project | dev.to | 4 Feb 2025

• Elastic Cloud on Kubernetes (ECK) with custom domain name

  1 project | dev.to | 3 Dec 2024

• Firewall rules: not as secure as you think

  1 project | news.ycombinator.com | 29 Aug 2024

• Eclipse Che on AWS with EFS

  1 project | dev.to | 27 Aug 2024

• Cert-Manager

  1 project | news.ycombinator.com | 16 Jun 2024

• Importing kubernetes manifests with terraform for cert-manager

  1 project | dev.to | 17 Jan 2024
• A note from our sponsor - Stream
  getstream.io | 8 Jul 2025

  Stream helps developers build engaging apps that scale to millions with performant and flexible Chat, Feeds, Moderation, and Video APIs and SDKs powered by a global edge network and enterprise-grade infrastructure. Learn more →

Index

Sponsored

InfluxDB – Built for High-Performance Time Series Workloads

InfluxDB 3 OSS is now GA. Transform, enrich, and act on time series data directly in the database. Automate critical tasks and eliminate the need to move data externally. Download now.

www.influxdata.com

Do not miss the trending Go projects with our weekly report!