SaaSHub helps you find the best software and product alternatives Learn more →
Top 23 Go Letsencrypt Projects
-
WorkOS
The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
-
acme-dns
Limited DNS server with RESTful HTTP API to handle ACME DNS challenges easily and securely.
-
ssl-proxy
:lock: Simple zero-config SSL reverse proxy with real autogenerated certificates (LetsEncrypt, self-signed, provided)
-
labca
A private Certificate Authority for internal (lab) use, based on the open source ACME Automated Certificate Management Environment implementation from Let's Encrypt (tm).
-
letsdebug
Diagnostic tool/website to help figure out why you can't issue a certificate for Let's Encrypt
-
eclaire
lightning-fast static site webserver with automatic HTTPS right out of the box! (by donuts-are-good)
-
certificator
A tool that requests certificates from ACME supporting CA, solves DNS challenges, and stores retrieved certificates in Vault.
-
devops
This code will setup a new FREE VM on google cloud with postgres, a load balancer, and a web app that can query from the postgres running on localhost. (by andrewarrow)
-
SaaSHub
SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives
However, it's very unlikely that .NET developers will directly expose their Kestrel-based web apps to the internet. Typically, we use other popular web servers like Nginx, Traefik, and Caddy to act as a reverse-proxy in front of Kestrel for various reasons:
Echo - web framework for Go
cert-manager
Project mention: Dehydrated: Letsencrypt/acme client implemented as a shell-script | news.ycombinator.com | 2024-04-19Self contained but hardly a tiny supply chain attack surface: https://github.com/go-acme/lego/blob/master/go.sum
Project mention: Show HN: OpenOrb, a curated search engine for Atom and RSS feeds | news.ycombinator.com | 2024-04-22https://github.com/miniflux/v2 in case anyone else was also wondering
Project mention: Show HN: Clace – Platform for secure internal web applications | news.ycombinator.com | 2023-10-18
Project mention: Subdomain.center – discover all subdomains for a domain | news.ycombinator.com | 2023-09-15Getting a wildcard certificate from LE might be a better option, depending on how easy the extra bit of if plumbing is with your lab setup.
You need to use DNS based domain identification, and once you have a cert distribute it to all your services. The former can be automated using various common tools (look at https://github.com/joohoi/acme-dns, self-hosted unless you are only securing toys you don't really care about, if you self host DNS or your registrar doesn't have useful API access) or you can leave that as an every ~ten weeks manual job, the latter involves scripts to update you various services when a new certificate is available (either pushing from where you receive the certificate or picking up from elsewhere). I have a little VM that holds the couple of wildcard certificates (renewing them via DNS01 and acmedns on a separate machine so this one is impossible to see from the outside world), it pushes the new key and certificate out to other hosts (simple SSH to copy over then restart nginx/Apache/other).
Of course you may decide that the shin if your own CA is easier than setting all this up, as you can sign long lived certificates for yourself. I prefer this because I don't need to switch to something else if I decide to give friends/others access to something.
{ "$schema": "https://raw.githubusercontent.com/Ylianst/MeshCentral/master/meshcentral-config-schema.json", "__comment1__": "This is a simple configuration file, all values and sections that start with underscore (_) are ignored. Edit a section an> "__comment2__": "See node_modules/meshcentral/sample-config-advanced.json for a more advanced example.", "settings": { "cert": "mydomain.duckdns.org", "WANonly": true, "_LANonly": true, "_sessionKey": "MyReallySecretPassword1", "port": 443, "aliasPort": 443, "redirPort": 80, "redirAliasPort": 80 }, "domains": { "": { "title": "MyServer", "_title2": "Servername", "_minify": true, "_newAccounts": true, "userNameIsEmail": true } }, "_letsencrypt": { "__comment__": "Requires NodeJS 8.x or better, Go to https://letsdebug.net/ first before trying Let's Encrypt.", "email": "[email protected]", "names": "domain.duckdns.org", "skipChallengeVerification": true, "production": false } }
Project mention: Ask HN: What was an interesting project you started and finished over a weekend? | news.ycombinator.com | 2024-04-06I built a tool that generates and renews letsencrypt certs, automatically verifies via dns, and uploads to your destination (for example, a load balancer.)
https://github.com/poundifdef/certmaster
I want to turn it into a service but haven’t gotten any feedback that people want it!
Project mention: Setup a free Google Cloud (e2-micro) VM with psql and a webapp | /r/programming | 2023-07-06
Go Letsencrypt related posts
- deploying a minio service to kubernetes
- Run WebAssembly on DigitalOcean Kubernetes with SpinKube - In 4 Easy Steps
- Importing kubernetes manifests with terraform for cert-manager
- Need help installing and securing on Ubuntu VPC
- Show HN: Certmaster – Automatically issue and install Let's Encrypt certificates
- Deploy Rancher on AWS EKS using Terraform & Helm Charts
- Setup/Design internal PKI
-
A note from our sponsor - SaaSHub
www.saashub.com | 23 Apr 2024
Index
What are some of the best open-source Letsencrypt projects in Go? This list will help you:
Project | Stars | |
---|---|---|
1 | traefik | 47,726 |
2 | Echo | 28,466 |
3 | cert-manager | 11,429 |
4 | lego | 7,241 |
5 | Miniflux | 6,228 |
6 | certmagic | 4,812 |
7 | acmetool | 2,021 |
8 | acme-dns | 1,960 |
9 | gobetween | 1,888 |
10 | Armor | 1,664 |
11 | ssl-proxy | 710 |
12 | autotls | 360 |
13 | labca | 280 |
14 | s3www | 151 |
15 | letsdebug | 125 |
16 | certmaster | 74 |
17 | roxy | 50 |
18 | syno-cli | 35 |
19 | eclaire | 13 |
20 | certificator | 12 |
21 | https-forward | 11 |
22 | devops | 10 |
23 | agent | 2 |
Sponsored