CertDax is a modern dashboard for managing SSL certificates. Automated ACME requests, deploy agents, email notifications, SSO — everything you need, in one place.
From requesting to deploying — CertDax handles the entire certificate lifecycle.
Automatically request and renew certificates from Let's Encrypt and other ACME-compatible Certificate Authorities.
Cloudflare, TransIP, Hetzner, DigitalOcean, Vultr, OVH, AWS Route 53, Google Cloud DNS, and manual validation.
Lightweight Go binary that runs on any Linux distro. Auto-deploy certificates to servers with zero downtime.
Customizable templates for every certificate event: requested, issued, renewed, expired, errors, and more.
Single sign-on via any OpenID Connect provider. Groups, permissions, and cross-group resource sharing built in.
API key authentication, complete endpoint coverage. Automate everything with scripts or integrate into your CI/CD.
Generate self-signed certificates with custom OIDs for internal services, development, and testing environments.
Set it and forget it. CertDax automatically renews certificates before they expire — no manual intervention required.
Group agents together and deploy certificates to all members at once. Perfect for load balancers and clusters.
A clean stack designed for reliability, performance, and easy deployment.
Modern frontend with Tailwind CSS and Recharts for a responsive, real-time dashboard.
High-performance Python backend with async support, SQLAlchemy ORM, and automatic API docs.
Statically compiled, zero dependencies. Ships as a single binary for 4 architectures.
Multi-stage builds, Docker Compose, ready for Swarm and Kubernetes.
Production database with SQLite support for development. Automatic migrations.
Keys encrypted at rest (Fernet), bcrypt passwords, hashed tokens, JWT auth, non-root containers.
Automatic DNS-01 challenge validation with all major providers.
Deploy CertDax in minutes. Free, open source, and self-hosted.