certimate-go/certimate

★ 8,596GoAudience · ops devopsComplexity · 3/5LicenseSetup · easy

Mindmap

mindmap
  root((repo))
    What it does
      Auto-renew SSL certs
      Deploy to 120 targets
      Web UI at port 8090
    Certificate types
      Single domain
      Wildcard domain
      IP address
    Integrations
      60+ DNS providers
      Let's Encrypt
      ZeroSSL
    Notifications
      Slack Discord
      Telegram email
      Custom webhook

mindmap root((repo)) What it does Auto-renew SSL certs Deploy to 120 targets Web UI at port 8090 Certificate types Single domain Wildcard domain IP address Integrations 60+ DNS providers Let's Encrypt ZeroSSL Notifications Slack Discord Telegram email Custom webhook

Click or tap to explore — scroll the page freely

Things people build with this

USE CASE 1

Automatically renew Let's Encrypt certificates for all your domains and deploy them to Nginx before they expire.

USE CASE 2

Manage wildcard SSL certificates covering all subdomains using DNS-01 validation with Cloudflare or AWS Route 53.

USE CASE 3

Deploy renewed certificates automatically to Kubernetes clusters or CDN providers after each renewal.

USE CASE 4

Get notified on Slack or Telegram whenever a certificate is renewed or if renewal fails.

Tech stack

Getting it running

Difficulty · easy Time to first run · 30min

Requires a server to run on and DNS provider credentials for DNS-01 domain validation.

MIT license: use freely for any purpose, including commercial use, as long as you keep the copyright notice.

In plain English

Certimate is a self-hosted tool that automates the process of getting, deploying, and renewing SSL certificates for websites and services. An SSL certificate is what makes a website use HTTPS instead of plain HTTP, so that traffic between your browser and the server is encrypted. Certificates expire (typically every 90 days for free ones), which means they need to be renewed regularly. Certimate handles all of that automatically. You run it on your own server or computer, meaning your configuration and private keys never leave your infrastructure. It ships as a single binary with no external database or runtime required, uses around 16 MB of memory, and starts with one command. There is a web interface at port 8090 where you set up workflows visually. The tool supports requesting certificates for single domains, multiple domains, wildcard domains (which cover all subdomains), and IP addresses. It can prove domain ownership through two standard methods: DNS-01 (by adding a temporary DNS record) and HTTP-01 (by serving a file at a specific URL). Over 60 DNS registrars are supported for the DNS method, including Cloudflare, AWS Route 53, GoDaddy, and several large Chinese providers. Once a certificate is issued, Certimate can deploy it to more than 120 different targets automatically: web servers, Kubernetes clusters, CDN providers, load balancers, and WAF services. It supports multiple certificate formats for compatibility with different server software. Notifications on renewal events can go to email, Slack, Discord, Telegram, and several other channels. Certimate connects to multiple certificate authorities, including Let's Encrypt, ZeroSSL, and Google Trust Services. The project is MIT licensed and maintained with community contributions. Documentation is at docs.certimate.me.

Copy-paste prompts

Prompt 1

Set up Certimate to auto-renew my Cloudflare domain certificate and deploy it to my Nginx server on the same machine.

Prompt 2

How do I configure Certimate to issue a wildcard certificate that covers all subdomains of my domain?

Prompt 3

Write a Certimate workflow that deploys a renewed certificate to both an AWS load balancer and a Kubernetes cluster.

Prompt 4

How do I add a Telegram notification in Certimate so I get alerted when any certificate renewal fails?

Open on GitHub → Explain another repo

← certimate-go on gitmyhub — every repo by this author, as a profile.

Verify against the repo before relying on details.