CFSSL
A PKI/TLS toolkit for signing, verifying, and bundling TLS certificates, available as a CLI tool and HTTP API server.
What is CFSSL?
CFSSL is an open-source PKI/TLS toolkit developed by Cloudflare that provides a comprehensive suite of tools for managing TLS certificates. It functions as both a command-line utility and an HTTP API server, enabling developers to sign, verify, bundle, and generate certificates efficiently. It solves the complexity of building and operating custom Public Key Infrastructure by offering a modular, programmatic approach to certificate lifecycle management.
System administrators, DevOps engineers, and security professionals who need to automate TLS certificate issuance, manage internal CAs, or integrate PKI operations into their infrastructure.
Developers choose CFSSL for its dual CLI and API interface, its flexibility in supporting both local and remote signing operations, and its robust feature set including multi-root CA support and OCSP handling—all packaged in a single, Go-based toolkit.
Overview
CFSSL: Cloudflare's PKI and TLS toolkit
Use Cases
Best For
- Building internal certificate authorities for development or production environments
Related Projects
Found a gem we're missing?
Open-Awesome is built by the community, for the community. Submit a project, suggest an awesome list, or help improve the catalog on GitHub.
