Completely Self Contained

Run your Public Key Infrastructure (PKI) from one unified interface. Create, manage, and retire keys, ACME accounts, certificates, and more.

Secure API For Clients

Individual consumers of keys and certificates retrieve them from Cert Warden via a straighforward API call using a scoped API key. Keys can be easily rotated for added security or in case of compromise.

Fully Automated

Once you've configured Cert Warden it handles certificate renewals completely autonomously.

Pick Your Favorite Provider

Cert Warden is fully compliant with RFC 8555 which means it will work with any compliant ACME provider you choose.

Dozens of Challenge Methods

Cert Warden has a built in http server for http-01 challenges and supports dozens of DNS providers for dns-01 challenges.

Robust Logging

Robust logging ensures you know who or what is accessing your sensitive information. Detailed debug logging can be enabled for even more insight and troubleshooting.