Top 23 Letsencrypt Open-Source Projects

1. traefik

   1 194 53,741 9.6 Go

   The Cloud Native Application Proxy

   

   Project mention: Cloudflare is almost perfect | dev.to | 2025-01-16

   Sidecar containers: Google Cloud Run has a cool feature where you can run multiple containers next to each other. So for example, if you want to run Caddy or Traefik as a reverse proxy for your ingress container and then have both your web frontend container & backend api container co-located in the same service, you can do that & have everything be super low latency.

2. CodeRabbit

   coderabbit.ai featured

   CodeRabbit: AI Code Reviews for Developers. Revolutionize your code reviews with AI. CodeRabbit offers PR summaries, code walkthroughs, 1-click suggestions, and AST-based analysis. Boost productivity and code quality across all major languages with each PR.

   

3. acme.sh

   2 286 41,774 9.5 Shell

   A pure Unix shell script implementing ACME client protocol

   

   Project mention: Bunster: Compile bash scripts to self contained executables | news.ycombinator.com | 2025-01-23

   Thank you for using the project!

   On the concern of it would be harder to setup, I think it would be easier in fact, you would simply curl the Go or C statically generated binary to your path and would alleviate the need for jq or curl to be installed alongside.

   I think the reason I haven’t made the switch yet is I like Bash (even though my script is getting pretty big), and in a way it’s a testament to what’s possible in the language. Projects like https://github.com/acmesh-official/acme.sh really show the power of Bash.

   That and I think the project would need a name change, and discord.sh as a name gets the point across better than anything I can think of.

4. letsencrypt

   3 21 32,020 9.5 Python

   Certbot is EFF's tool to obtain certs from Let's Encrypt and (optionally) auto-enable HTTPS on your server. It can also act as a client for any other CA that uses the ACME protocol.

   

5. full-stack-fastapi-template

   4 30 31,218 9.1 TypeScript

   Full stack, modern web application template. Using FastAPI, React, SQLModel, PostgreSQL, Docker, GitHub Actions, automatic HTTPS and more.

   

   Project mention: Python Kafka | dev.to | 2024-05-30

   Flask Tutorial: https://palletsprojects.com/p/flask/ FastAPI Tutorial: https://github.com/tiangolo/full-stack-fastapi-template Django REST Framework Tutorial: https://www.django-rest-framework.org/tutorial/quickstart/ Nginx Configuration Guide: https://docs.nginx.com/nginx/admin-guide/web-server/web-server/ Confluent Kafka Python Client: https://docs.confluent.io/platform/current/clients/api-docs/confluent-kafka-python.html Remember: This is a high-level overview. Each step involves further research and configuration based on your specific requirements.

6. Echo

   5 132 30,678 7.4 Go

   High performance, minimalist Go web framework

   

   Project mention: Which Go Web Backend Framework Is Right for Your Next Project? A Detailed Analysis of Features and Performance | dev.to | 2025-03-16

   Echo

7. nginxconfig.io

   6 5 28,007 5.7 JavaScript

   ⚙️ NGINX config generator on steroids 💉

   

8. cert-manager

   7 114 12,598 9.7 Go

   Automatically provision and manage TLS certificates in Kubernetes

   

   Project mention: Technical Guide: Syncing Ingress Resources from various Virtual Cluster on GKE with vCluster | dev.to | 2025-03-03

   kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/v1.16.3/cert-manager.yaml

9. SaaSHub

   www.saashub.com featured

   SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives

   

10. lego

    8 57 8,350 9.4 Go

    Let's Encrypt/ACME client and library written in Go

    

    Project mention: Jellyfin: We're Good, Seriously | news.ycombinator.com | 2024-07-22

    You could just get a wildcard certificate with lets encrypt, via a dns challenge.

    E.g. lego supports many different dns providers

    https://go-acme.github.io/lego/

    And then internally inside of tailscale you could have your own dns server, which serves subdomains of your domain, and for all subdomains you can use the same wildcard certificate.

    This also does not 'expose' your subdomains on Certificate Transparency logs

11. BunkerWeb

    9 24 7,700 10.0 Python

    🛡️ Open-source and next-generation Web Application Firewall (WAF)

    

    Project mention: Show HN: BunkerWeb – The Open-Source Web Application Firewall (WAF) | news.ycombinator.com | 2024-12-06

12. acme-companion

    10 32 7,517 8.0 Shell

    Automated ACME SSL certificate generation for nginx-proxy

    

13. Miniflux

    11 96 7,361 9.7 Go

    Minimalist and opinionated feed reader

    

    Project mention: A sysadmin's rant about feed readers and crawlers (2022) | news.ycombinator.com | 2025-03-05

    > If you pull the feed, don't pull the posts. If you pull the posts, don't pull the feed. If you pull both, you're missing the whole point of having an aggregated feed!

    In some cases the reader should fetch both the feed and the pages. Unfortunately, none do

    https://github.com/miniflux/v2/issues/3084

14. Mailu

    12 55 6,295 9.1 Python

    Insular email distribution - mail server as Docker images

    

    Project mention: Ask HN: Replacement for Rackspace SMTP Hosting? | news.ycombinator.com | 2025-03-03

    Made the switch to self-hosted https://mailu.io (on k8s) 2 years ago when Gandi announced the deprecation of their free plan.

    Happy after IP was off most blocklists, but setup was kinda rough - https://mxtoolbox.com is your friend.

15. dehydrated

    13 36 6,017 1.3 Shell

    letsencrypt/acme client implemented as a shell-script – just add water

    

    Project mention: Dehydrated: Letsencrypt/acme client implemented as a shell-script | news.ycombinator.com | 2024-04-19

    From this commit:

    https://github.com/dehydrated-io/dehydrated/commit/b116e6bc2...

16. win-acme

    14 4 5,401 8.9 C#

    A simple ACME client for Windows (for use with Let's Encrypt et al.)

    

17. certmagic

    15 15 5,177 8.1 Go

    Automatic HTTPS for any Go program: fully-managed TLS certificate issuance and renewal

    

    Project mention: Caddy – The Ultimate Server with Automatic HTTPS | news.ycombinator.com | 2025-02-16

    I'm a big fan of pico.sh (it's one of my main inspiration for smallweb.run).

    I'm sure you're aware of it, but it might be interesting to others: caddy exposes all of it's internal as library you can easily integrate to your projects: https://github.com/caddyserver/certmagic

18. pangolin

    16 3 4,087 9.8 TypeScript

    Tunneled Mesh Reverse Proxy Server with Identity and Access Control and Dashboard UI

    

    Project mention: Pangolin: Tunneled Mesh Reverse Proxy Server with Identity and Access Control | news.ycombinator.com | 2025-03-13

19. nginx-proxy-automation

    17 9 2,664 4.7 Shell

    Automated docker nginx proxy integrated with letsencrypt.

    

    Project mention: Manage a multiple websites server with Docker, Treafik and auto SSL certificates | dev.to | 2024-05-12

    Since 2020, I manage a server to host all my fun side projects on it, but it turns out, it became a server to host multiple Wordpress for a couple of clients. At the beginning, I used Docker coupled with Nginx as reverse proxy. However, I migrated to Treafik as Reverse proxy because:

20. acme-dns

    18 39 2,313 3.4 Go

    Limited DNS server with RESTful HTTP API to handle ACME DNS challenges easily and securely.

    

    Project mention: Migrating Mess with DNS to Use PowerDNS | news.ycombinator.com | 2024-08-19

    Great question. My first pass at the project was looking to conform to the ACME DNS API [1]. There are some tools for cert management that use that API, so it gave me broad tool support with very little effort. The getlocalcert subdomains don't permit user modification of A, MX, or CNAME records on the public DNS; you've got to do that with a private DNS server you provide.

    I may consider extending the service to allow A/AAAA records to private IP ranges, and then I'd need a more full featured API, but this far there hasn't been demand for the feature.

    Hit me up on email if you want to chat more (in profile), we're solving some similar problems.

    [1] https://github.com/joohoi/acme-dns

21. getssl

    19 10 2,143 7.9 Shell

    obtain free SSL certificates from letsencrypt ACME server Suitable for automating the process on remote servers.

    

    Project mention: Let's Encrypt is 10 years old now | news.ycombinator.com | 2024-11-20

    > certbot is a python program, better hope it keeps working

    There is also https://github.com/srvrco/getssl which is a bash script. I have lightly audited it years ago and it did not seem to upload your private keys anywhere... If have used it occasionally, but I don't let it run as root, so I need to copy the retrieved certs into the the server config manually.

22. acmetool

    20 1 2,061 0.0 Go

    :lock: acmetool, an automatic certificate acquisition tool for ACME (Let's Encrypt)

    

23. lua-resty-auto-ssl

    21 2 1,955 0.0 Lua

    On the fly (and free) SSL registration and renewal inside OpenResty/nginx with Let's Encrypt.

    

24. gobetween

    22 5 1,948 2.4 Go

    :cloud: Modern & minimalistic load balancer for the Сloud era

    

25. Armor

    23 0 1,663 0.0 Go

    Uncomplicated, modern HTTP server

    

26. SaaSHub

    www.saashub.com featured

    SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives

    

Letsencrypt related posts

• GoDoxy – Easy to use reverse proxy with Docker integration

  1 project | news.ycombinator.com | 23 Mar 2025

• Sprint 4 - TLS Certificates and CSP

  3 projects | dev.to | 13 Mar 2025

• Pangolin: Tunneled Mesh Reverse Proxy Server with Identity and Access Control

  1 project | news.ycombinator.com | 13 Mar 2025

• Pangolin: Tunneled mesh reverse proxy server

  1 project | news.ycombinator.com | 5 Mar 2025

• Technical Guide: Syncing Ingress Resources from various Virtual Cluster on GKE with vCluster

  2 projects | dev.to | 3 Mar 2025

• How to Set Up a Subdomain with Nginx and SSL on DigitalOcean

  2 projects | dev.to | 26 Feb 2025

• Zero Trust at the Edge (part 3)

  2 projects | dev.to | 17 Feb 2025
• A note from our sponsor - CodeRabbit
  coderabbit.ai | 23 Mar 2025

  Revolutionize your code reviews with AI. CodeRabbit offers PR summaries, code walkthroughs, 1-click suggestions, and AST-based analysis. Boost productivity and code quality across all major languages with each PR. Learn more →

Index

Sponsored

CodeRabbit: AI Code Reviews for Developers

Revolutionize your code reviews with AI. CodeRabbit offers PR summaries, code walkthroughs, 1-click suggestions, and AST-based analysis. Boost productivity and code quality across all major languages with each PR.

coderabbit.ai