Top 23 Go Letsencrypt Projects

Letsencrypt

• Add a project

1. traefik

   1 198 54,588 9.6 Go

   The Cloud Native Application Proxy

   

   Project mention: 10 Lightweight API Gateways for Your Next Project | dev.to | 2025-04-30

   With some more work, you could configure proxies that work lower on the infrastructure level, like NGINX, Envoy Proxy, HAProxy, or Traefik Proxy to give you the classic API gateway functionality. There's also KrakenD as another open-source option.

2. InfluxDB

   www.influxdata.com featured

   InfluxDB – Built for High-Performance Time Series Workloads. InfluxDB 3 OSS is now GA. Transform, enrich, and act on time series data directly in the database. Automate critical tasks and eliminate the need to move data externally. Download now.

   

3. Echo

   2 134 30,971 7.2 Go

   High performance, minimalist Go web framework

   

   Project mention: What Is the Best Web Framework for Go? | dev.to | 2025-05-13

   ⭐ Echo on GitHub (30k+ stars)

4. cert-manager

   3 115 12,797 9.7 Go

   Automatically provision and manage TLS certificates in Kubernetes

   

   Project mention: When cert-manager meets Essendi XC | dev.to | 2025-05-10

   After a year of running in production, I'm ready to publish the first public release of the cert-manager issuer for the Essendi XC certificate management tool.

5. lego

   4 57 8,567 9.3 Go

   Let's Encrypt/ACME client and library written in Go

   

   Project mention: Jellyfin: We're Good, Seriously | news.ycombinator.com | 2024-07-22

   You could just get a wildcard certificate with lets encrypt, via a dns challenge.

   E.g. lego supports many different dns providers

   https://go-acme.github.io/lego/

   And then internally inside of tailscale you could have your own dns server, which serves subdomains of your domain, and for all subdomains you can use the same wildcard certificate.

   This also does not 'expose' your subdomains on Certificate Transparency logs

6. Miniflux

   5 97 7,590 9.7 Go

   Minimalist and opinionated feed reader

   

   Project mention: Reading RSS content is a skilled activity | news.ycombinator.com | 2025-04-25

   My problem with RSS is that I tend to subscribe to too many things and then it's too much. Also I wanted a solution that was free or self hosted, but I realized it's much better if someone manages the complexity for me, so I just ended up going with the paid hosting for miniflux (https://miniflux.app/).

   Now I've just subscribed to a few things I care about, I open the website from time to time, quickly mark as "read" stuff I'm not interested in, and when I have more time I just go through everything that is still unread, because it's been "filtered in". Seems to work!

7. certmagic

   6 15 5,221 8.0 Go

   Automatic HTTPS for any Go program: fully-managed TLS certificate issuance and renewal

   

   Project mention: Caddy – The Ultimate Server with Automatic HTTPS | news.ycombinator.com | 2025-02-16

   I'm a big fan of pico.sh (it's one of my main inspiration for smallweb.run).

   I'm sure you're aware of it, but it might be interesting to others: caddy exposes all of it's internal as library you can easily integrate to your projects: https://github.com/caddyserver/certmagic

8. acme-dns

   7 39 2,370 2.6 Go

   Limited DNS server with RESTful HTTP API to handle ACME DNS challenges easily and securely.

   

   Project mention: Migrating Mess with DNS to Use PowerDNS | news.ycombinator.com | 2024-08-19

   Great question. My first pass at the project was looking to conform to the ACME DNS API [1]. There are some tools for cert management that use that API, so it gave me broad tool support with very little effort. The getlocalcert subdomains don't permit user modification of A, MX, or CNAME records on the public DNS; you've got to do that with a private DNS server you provide.

   I may consider extending the service to allow A/AAAA records to private IP ranges, and then I'd need a more full featured API, but this far there hasn't been demand for the feature.

   Hit me up on email if you want to chat more (in profile), we're solving some similar problems.

   [1] https://github.com/joohoi/acme-dns

9. SaaSHub

   www.saashub.com featured

   SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives

   

10. acmetool

    8 1 2,061 0.0 Go

    :lock: acmetool, an automatic certificate acquisition tool for ACME (Let's Encrypt)

    

11. gobetween

    9 5 1,955 3.9 Go

    :cloud: Modern & minimalistic load balancer for the Сloud era

    

12. godoxy

    10 2 1,796 9.9 Go

    Easy to use reverse proxy with docker integration

    

    Project mention: GoDoxy – Easy to use reverse proxy with Docker integration | news.ycombinator.com | 2025-03-23

13. Armor

    11 0 1,663 0.0 Go

    Uncomplicated, modern HTTP server

    

14. ssl-proxy

    12 2 750 4.5 Go

    :lock: Simple zero-config SSL reverse proxy with real autogenerated certificates (LetsEncrypt, self-signed, provided)

    

15. labca

    13 4 431 8.7 Go

    A private Certificate Authority for internal (lab) use, based on the open source ACME Automated Certificate Management Environment implementation from Let's Encrypt (tm).

    

16. autotls

    14 1 395 6.0 Go

    Support Let's Encrypt for a Go server application.

    

17. s3www

    15 2 169 3.3 Go

    Serve static files from any S3 compatible object storage services (Let's Encrypt ready)

    

18. letsdebug

    16 9 142 7.7 Go

    Diagnostic tool/website to help figure out why you can't issue a certificate for Let's Encrypt

    

    Project mention: Let's Debug | news.ycombinator.com | 2025-04-29

19. certmaster

    17 4 84 5.7 Go

    Automatically renew certs and install to destinations

    

20. roxy

    18 1 49 0.0 Go

    Roxy the Frontend Proxy

    

21. syno-cli

    19 1 42 6.7 Go

    Synology unofficial API CLI and library

    

22. inca

    20 1 34 9.8 Go

    INternal CA is an API around Certificate Authority flows to handle internal and global certificates at ease

    

    Project mention: INternal CA is an API around Certificate Authority flows | news.ycombinator.com | 2024-06-25

23. certificator

    21 1 17 0.0 Go

    A tool that requests certificates from ACME supporting CA, solves DNS challenges, and stores retrieved certificates in Vault.

    

24. eclaire

    22 1 13 0.0 Go

    lightning-fast static site webserver with automatic HTTPS right out of the box! (by donuts-are-good)

    

25. https-forward

    23 1 12 0.0 Go

    A forwarding HTTPS server using Let's Encrypt

    

26. SaaSHub

    www.saashub.com featured

    SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives

    

Go Letsencrypt related posts

• When cert-manager meets Essendi XC

  3 projects | dev.to | 10 May 2025

• Let's Debug

  1 project | news.ycombinator.com | 29 Apr 2025

• GoDoxy – Easy to use reverse proxy with Docker integration

  1 project | news.ycombinator.com | 23 Mar 2025

• Technical Guide: Syncing Ingress Resources from various Virtual Cluster on GKE with vCluster

  2 projects | dev.to | 3 Mar 2025

• Kubernetes Ingress Controllers: Routing Traffic Made Simple

  1 project | dev.to | 4 Feb 2025

• Implémenter le Retrieval Augmented Generation (RAG) de manière privée sur Kubernetes avec KubeAI et…

  6 projects | dev.to | 30 Dec 2024

• Elastic Cloud on Kubernetes (ECK) with custom domain name

  1 project | dev.to | 3 Dec 2024
• A note from our sponsor - SaaSHub
  www.saashub.com | 16 May 2025

  SaaSHub helps you find the best software and product alternatives Learn more →

Index

Sponsored

InfluxDB – Built for High-Performance Time Series Workloads

InfluxDB 3 OSS is now GA. Transform, enrich, and act on time series data directly in the database. Automate critical tasks and eliminate the need to move data externally. Download now.

www.influxdata.com

Do not miss the trending Go projects with our weekly report!