Certrust - Self-Hosted Local SSL Certificate Manager

Certrust is an open-source, self-hosted Local SSL Certificate Manager designed to simplify the management of SSL certificates for local development environments. It empowers developers and system administrators to create and manage certificate authorities, generate SSL certificates, and streamline certificate renewal processes. Certrust is built on top of the OpenSSL library, ensuring robust security practices.

📋 Features

• Certificate Authority Management: Easily create and manage root authorities and sub-authorities to issue SSL certificates for your local domains.

• Certificate Generation: Generate SSL certificates for your local domains using the authorities you've created.

• Certificate Renewal (Work in progress): Automate certificate renewal processes to ensure continuous SSL security.

• Docker Integration: Certrust is Docker-ready, making it convenient for users to self-host the service without complicated setup procedures.

• Web Application: The Certrust web app is built using Laravel, providing a user-friendly interface for managing certificates and authorities.

🚀 Getting Started

Requirements

• Docker & Docker-compose.
• Git.

Production

With official images. (recommended)

Here is a docker-compose example to get you started quickly.

services:
    api:
        image: iceish/certrust:api-v0.1.0-beta
        container_name: ct-certrust-api
        tty: true
        environment:
            SERVICE_NAME: api
            SERVICE_TAGS: dev
        working_dir: /var/www/html
        networks:
            - net-certrust

    client:
        image: iceish/certrust:client-v0.1.0-beta
        container_name: ct-certrust-client
        networks:
            - net-certrust

    database:
        image: mariadb:11.1.2
        container_name: ct-certrust-database
        environment:
            MYSQL_ROOT_PASSWORD: root
            MYSQL_DATABASE: certrust
            MYSQL_USER: certrust
            MYSQL_PASSWORD: certrust
        healthcheck:
            test: [ "CMD", "healthcheck.sh", "--su-mysql", "--connect", "--innodb_initialized" ]
            interval: 10s
            timeout: 5s
            retries: 3
        volumes:
            - vol-certrust-database:/var/lib/mysql
        networks:
            - net-certrust

    webserver:
        image: iceish/certrust:webserver
        container_name: ct-certrust-webserver
        depends_on:
            api:
                condition: service_started
            client:
                condition: service_started
            database:
                condition: service_healthy
        tty: true
        ports:
            - 80:80
        networks:
            - net-certrust

networks:
    net-certrust:

volumes:
    vol-certrust-database:

With source code.

1. Clone the Repository: Begin by cloning this repository to your local machine:

   git clone https://github.com/Iceish/certrust.git -b stable
   cd certrust/

2. Configure your environment:

   1. In the Api folder, copy the .env.example file to .env.production and update the environment variables to match your configuration.

      cd api/
      cp .env.example .env.production
      vim .env.production
      cd ../

   2. In the docker-compose.prod.yml file (in the root folder), update the environment variables to match your configuration.

      vim docker-compose.prod.yml

3. Start Certrust: Start Certrust using Docker Compose:

   docker-compose -f docker-compose.prod.yml up -d

4. Initialize the app: Certrust needs to initialize the app for the first time. Run the following command:

   docker-compose -f docker-compose.prod.yml exec api ./certrust-cli.sh init

5. Access the App: Once the containers are up and running, access the Certrust app through your browser by visiting http://localhost/.

Development

See api/ for more information about Laravel API.

See web/ for more information about Svelte-kit Web UI.

🗺️ Roadmap

To keep a track of our progress, we maintain a roadmap for the project. The roadmap contains a list of features that we are currently working on and features that we plan to work on in the future.

• See ROADMAP.md for more information about incoming changes.

❤️ Contributing

Certrust is an open-source project, and we welcome contributions from the community. Here's how you can get involved:

• Open Issues: If you encounter issues or have ideas for enhancements, please open an issue to share your feedback.

• Pull Requests: Contribute to the project by submitting pull requests. Follow our contribution guidelines and coding standards.

• Spread the Word: If you find Certrust useful, help us reach more users by sharing it with your network.

Check out our contributing guidelines for more information.

⛓ License

Certrust is released under the GPL-3.0 License. You are free to use, modify, and distribute the software in accordance with the terms of the GPL-3.0 license.

🌠 What's next ?

Certrust is in its early stages, and there are numerous possibilities for future development and improvement. Your contributions and feedback will help shape the project's evolution. Together, we can create a powerful tool for SSL certificate management in local development environments.