Skip to content


Switch branches/tags

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?

Latest commit


Git stats


Failed to load latest commit information.
Latest commit message
Commit time

Welcome to CZERTAINLY!


CZERTAINLY is a platform for effective and efficient trust lifecycle management for companies of any size and individuals. One of its goals is to provide an easy and affordable way to secure digital communication and support information security in more and more connected world.

CZERTAINLY is released as a commercial open source project under the MIT License. Additional features and services are available under subscription plans. If you are interested in subscription, please contact us through CZERTAINLY Official Web or use the CZERTAINLY Offical email address email address.

CZERTAINLY is designed and developed by a team of PKI and information security enthusiasts with practical point of view on the certificate management in hybrid environments. PKI is the backbone of security in our daily communication and its security and easy management should be available to everyone.


The CZERTAINLY platform aims to provide easy, secure, and extensible features for certificate management. Among the features are:

  • certificate management (issuing, revocation, renewal) through RA Profile and standard protocols
  • cryptographic key management (generation, encryption, signing, etc.) through Token Profile
  • extensible connectors to support many technologies and implementations of certification authorities, credentials, discovery engines, cryptography, compliance, and more
  • certificate searching in various sources
  • consistent inventory of certificates and cryptographic keys (owners, groups, entities, profiles, and more)
  • dashboard for monitoring and reporting

About the platform

The platform is split into several components:

  • interfaces (UIs, REST API, etc.)
  • authentication and authorization
  • core services provided by the platform (discovery, inventory, connectors, authorities, tokens, etc.)
  • grouping and entity automation
  • data storage
  • connectors and functional groups and types (discovery provider, ca connector, credential provider, cryptography provider etc.)

Components in the platform acts as microservices and the main approach is to keep each service as a simple container.


Repository Description
CZERTAINLY-Interfaces Interfaces to build custom connectors and extend the platform. Each interface is build as a REST API and you can use any technology for building your own extension you like
CZERTAINLY-Core Core services of the platform. This is the brain of the platform taking care about all operation with certificates and managing the connection between different types of connector implementations
CZERTAINLY-Auth Auth service is designed as a central service for managing access control to different resources and related actions and objects, and identify users based on identification token
CZERTAINLY-Auth-OPA-Policies OPA policies for external evaluation of Auth service permissions served for OPA
CZERTAINLY-Documentation Documentation of the platform containing also information for contributors and developers
CZERTAINLY-FE-Administrator Administrator web interface to manage platform and lifecycle of trust services

Providers and Connectors

Repository Description
CZERTAINLY-Common-Credential-Provider Common credential provider that allows to work with basic credentials in the platform
CZERTAINLY-EJBCA-NG-Connector Authority and discovery provider for EJBCA
CZERTAINLY-MS-ADCS-Connector Authority and discovery provider for MS ADCS
CZERTAINLY-X509-Compliance-Provider Compliance provider for X.509 certificates
CZERTAINLY-IP-Discovery-Provider Network discovery provider for internal and external networks
CZERTAINLY-Cryptosense-Discovery-Provider Discovery provider integrated with Cryptosense Analyzer
CZERTAINLY-Keystore-Entity-Provider Entity provider for managing certificates in Java Keystores
CZERTAINLY-Software-Cryptography-Provider Cryptography provider for managing cryptographic keys in software keystores

Supporting repositories

Repository Description
CZERTAINLY-Helm-Charts Helm charts to install and maintain CZERTAINLY
CZERTAINLY-Appliance CZERTAINLY virtual appliance


Repository Description
CZERTAINLY-Keycloak-Theme CZERTAINLY custom Keycloak theme
CZERTAINLY-Keycloak-Optimized Optimized Keycloak for CZERTAINLY platform
CZERTAINLY-Dependencies Helper dependecies for CZERTAINLY component using Java and Spring Boot
CZERTAINLY-Utils-Service Helper service for CZERTAINLY components


Anyone can contribute to CZERTAINLY and we would be happy to support you in that. See Contribution Guide for more information.


The CZERTAINLY platform is released under the MIT License. Some connectors and user interfaces are released under their own licenses or subscriptions. Consult with us for more information.

About the subscription option

Our goal is to support everyone with affordable certificate lifecycle management and to manage certificates and cryptographic keys effectively and securely. We are not a certification authority, and we do not issue certificates. However, like all of us, we need to make some revenue in order to develop further and support our work and lives.

Therefore, we offer subscription based features for our users. With an active subscription you can use the platform with additional functions and connectors that are developed and maintained by us.

This helps us to keep the platform free and open source and provide a better service for everyone.

We are happy to help you out in building other connectors and provide it as open source in the future.


CZERTAINLY - open, transparent, flexible, modern platform for certificate lifecycle management