# Certman
Internal TLS. Without the chaos.
Certman is a simple, modern way to run your own internal Certificate Authority (CA) and manage private TLS certificates across your infrastructure.
It exists for teams that need internal HTTPS — but don't want to become PKI experts.
---
## The Problem
Internal TLS is messy.
Teams need certificates for:
- Internal services
- Kubernetes clusters
- Staging environments
- Private APIs
- VPNs
- Local development
- Zero-trust networks

But traditional PKI tooling is:
- Complicated
- Error-prone
- Hard to automate
- Easy to misconfigure
- Built for enterprises, not product teams

So certificates expire.
Keys get lost.
Revocations are unclear.
Infrastructure breaks at the worst moment.
---
## What Certman Does
Certman gives teams a clean, reliable internal trust layer.
With Certman, you can:
- Create and manage private Certificate Authorities
- Issue internal TLS certificates (including wildcard + SAN support)
- Track expiration dates centrally
- Renew certificates before they break things
- Revoke certificates instantly when needed
- Automate certificate issuance safely
- Expose revocation status publicly when required

You get internal TLS that behaves predictably.
No chaos. No spreadsheet tracking. No ad-hoc OpenSSL scripts.
---
## Who It's For
Certman is designed for:
- Engineering teams
- DevOps / Platform teams
- Security-conscious startups
- Companies running internal infrastructure
- Teams adopting zero-trust or service-to-service TLS

It is especially useful when:
- You manage many internal services
- Certificates frequently expire unexpectedly
- You need auditability
- You want automation without building your own PKI stack
---
## Key Principles
1. Simplicity over ceremony
2. Automation-first
3. Clear ownership of trust
4. Secure by default
5. No enterprise bloat

Certman is not a public certificate authority.
It is purpose-built for internal infrastructure.
---
## Security Model
- Priva