oriolrius/pki-manager-web

Web-based PKI Manager - Secure X.509 certificate lifecycle management with Cosmian KMS integration

3 stars2 forksUpdated Dec 4, 2025
npx skills add oriolrius/pki-manager-web

README

PKI Manager

A modern, web-based Public Key Infrastructure management application for securely generating, issuing, managing, and revoking X.509 digital certificates.

License Node pnpm

Overview

PKI Manager provides complete control over your Private Key Infrastructure without relying on external certificate authorities. Perfect for enterprises, home labs, and development environments that demand full control over their security infrastructure.

Key Highlights

  • Self-Hosted PKI: Create and manage your own root Certificate Authorities
  • Multi-Type Certificates: Server (TLS/SSL), Client Auth, S/MIME Email, Code Signing
  • Secure Key Management: Integration with Cosmian KMS for secure key storage
  • Bulk Operations: CSV-based bulk certificate creation and batch operations
  • Modern UI: React 19 with light/dark theme support and responsive design
  • Type-Safe: End-to-end TypeScript with tRPC for API type safety

Screenshots

Dashboard

Monitor your PKI at a glance with real-time statistics and expiration tracking.

Dashboard Light Mode

Dashboard - Light Mode

 Dashboard Dark Mode

Dashboard - Dark Mode

Certificate Authority Management

Create and manage self-signed root CAs with flexible configuration options.

CA List

Certificate Authorities List

 Create CA

Create New CA

CA Details

CA Details View

 CA Sample Data

Sample Data Generation

Certificate Management

Issue, manage, and revoke certificates with comprehensive control.

Certificates List

Certificates List with Filters

 Issue Certificate

Issue New Certificate

Certificate with SANs

Subject Alternative Names (SANs)

 Certificate Details

Certificate Details & Export

Bulk Operations

Efficient batch certificate creation and management.

Bulk Creation

Bulk Certificate Creation (CSV)

 Bulk Selection

Bulk Operations (Download, Renew, Revoke)

Features

Certificate Authority Management

  • ✅ Create self-signed root Certificate Authorities
  • ✅ Configurable subject fields (CN, O, OU, C, ST, L)
  • ✅ Key algorithm selection (RSA-2048, RSA-4096)
  • ✅ Flexible validity periods (1-30 years)
  • ✅ CA revocation with reason tracking
  • ✅ Export in multiple formats (PEM, CRT, DER, CER)

Certificate Issuance & Management

  • Server Certificates - HTTPS/TLS for web servers and APIs
  • Client Certificates - Client authentication and mTLS
  • Email (S/MIME) - Email encryption and signing
  • Code Signing - Software and code signing
  • ✅ Subject Alternative Names (DNS, IP Address, Email)
  • ✅ Advanced key algorithms (RSA-2048/4096, ECDSA-P256/P384)
  • ✅ Certificate renewal with same parameters
  • ✅ Revocation with standard reasons (keyCompromise, superseded, etc.)
  • ✅ Comprehensive certificate details view

Export & Download

  • ✅ Multiple formats: PEM, CRT, DER, CER
  • ✅ Certificate chains (PEM Chain)
  • ✅ PKCS#7 (P7B)
  • ✅ PKCS#12 with private key (PFX, P12) - password protected
  • ✅ Java KeyStore (JKS)
  • ✅ Batch download (all formats as ZIP)
  • ✅ Security warnings for private key exports

Bulk Operations

  • ✅ CSV-based bulk certificate creation

...

Read full README

Publisher

oriolriusoriolrius

Topics

certificate-authoritycertificate-managementcosmianfastifykmspkipki-managerreactsecuritytrpctypescriptx509

Statistics

Stars3
Forks2
Open Issues0
LicenseApache License 2.0
CreatedOct 21, 2025