Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality. Learn more ā
Top 23 X509 Open-Source Projects
-
certificates
š”ļø A private certificate authority (X.509 & SSH) & ACME server for secure automated certificate management, so you can use TLS everywhere & SSO for SSH.
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
-
forge
A native implementation of TLS in Javascript and tools to write crypto-based and network-heavy webapps (by digitalbazaar)
-
cli
š§° A zero trust swiss army knife for working with X509, OAuth, JWT, OATH OTP, etc. (by smallstep)
-
WorkOS
The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
-
go-guardian
Go-Guardian is a golang library that provides a simple, clean, and idiomatic way to create powerful modern API and web authentication.
-
openssl
Fork of OpenSSL 1.1.1 that includes prototype quantum-resistant algorithms and ciphersuites based on liboqs [OQS-OpenSSL 1.1.1 is NO LONGER SUPPORTED, please switch to OQS-Provider for OpenSSL 3] (by open-quantum-safe)
-
SaaSHub
SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives
You can roll your own with https://github.com/smallstep/certificates. We maintain major open source projects and contribute a lot to other projects. I donāt think that means everything we do has to be open source. Sorry this one wasnāt. Doing this in pure open source would be a book, not a blog post.
Love Letās Encrypt ā weāre sponsors ā but using them for WiFi is a terrible idea. You need internal PKI for WiFi.
I recommend using PHPSecLib which has a powerful SSH library that is far more versatile than the official PHP SSH extension.
Project mention: Forge: Native implementation of TLS in JavaScript for web apps | news.ycombinator.com | 2024-03-24
Project mention: Google will disable all but OAuth for IMAP, SMTP and POP starting Sept. 30 | news.ycombinator.com | 2024-01-18https://github.com/smallstep/cli implements some OAuth flows from the CLI, it may be helpful for you.
Project mention: Ask HN: What are some of the most elegant codebases in your favorite language? | news.ycombinator.com | 2023-06-17
XCA PKI (https://github.com/chris2511/xca) Local Certificate Authority software used for generating internal CA and SSL certs. All of my HTTPS interfaces in my lab have the magic green padlock. I did this for no other reason than to learn more about how to manage and deploy SSL certificates also, the Chrome security warnings are really annoying.
Project mention: SSLMate/Certspotter: Certificate Transparency Log Monitor | news.ycombinator.com | 2023-11-02
Project mention: Certificate Ripper v2.2.0 released - tool to extract server certificates | /r/linuxadmin | 2023-10-26Link: https://github.com/Hakky54/certificate-ripper/releases
For my scope the PS module is enough. https://github.com/PKISolutions/PSPKI
Yup, the two most popular are:
https://github.com/zmap/zlint
https://github.com/certlint/certlint
They each have their strengths and weaknesses, so CAs are advised to use both.
Project mention: I looked through attacks in my access logs. Here's what I found | news.ycombinator.com | 2024-01-28Was looking into Certificate Transparency logs recently. Are there any convenient tools/methods for querying CT logs? i.e. search for domains within a timeframe
Cloudflareās Merkle Town[0] is useful for getting overviews, but I havenāt found an easy way to query CT logs. ct-woodpecker[1] seems promising, too
[0] https://ct.cloudflare.com/
[1] https://github.com/letsencrypt/ct-woodpecker
Showcert is OpenSSL for humans, much simpler to use and it has gencert utility to generate certificates. Very easy.
X509 related posts
- Forge: Native implementation of TLS in JavaScript for web apps
- We build X.509 chains so you don't have to
- SSLMate/Certspotter: Certificate Transparency Log Monitor
- Last Chance to Fix EIDAS (Mozilla)
- Certificate Ripper v2.2.0 released - tool to extract server certificates
- (StarLAN) Personal Home Lab
- Distributing ACME Let'sEncrypt certs for homelab
-
A note from our sponsor - InfluxDB
www.influxdata.com | 25 Apr 2024
Index
What are some of the best open-source X509 projects? This list will help you:
Project | Stars | |
---|---|---|
1 | certificates | 6,131 |
2 | PHPSecLib | 5,247 |
3 | forge | 4,945 |
4 | cli | 3,478 |
5 | Botan | 2,406 |
6 | acmetool | 2,022 |
7 | xca | 1,336 |
8 | certigo | 920 |
9 | certspotter | 913 |
10 | certificate-ripper | 665 |
11 | go-guardian | 528 |
12 | webpki | 451 |
13 | PSPKI | 359 |
14 | zlint | 341 |
15 | openssl | 286 |
16 | tls-scan | 273 |
17 | ssl-checker | 239 |
18 | ct-woodpecker | 170 |
19 | secret_handshake | 139 |
20 | win-ca | 99 |
21 | lokey | 93 |
22 | CryptoNet | 88 |
23 | showcert | 67 |
Sponsored