certmonger is a D-Bus-based service which attempts to simplify interaction with certifying authorities (CAs) on networks which use public-key infrastructure (PKI).
- If it knows the location of a certificate, certmonger can track the expiration date and notify you when the certificate is about to expire.
- If it has access to the corresponding private key and information about the CA which issued the certificate, certmonger can even attempt to automatically obtain a new certificate.
- Supports certificate and key storage in PEM or NSSDB formats.
- Can self-sign certificates, sign them with a system-local certificate, or can submit them to either certmaster, IPA, Dogtag, or an SCEP-compatible server for signing.
There's a dedicated mailing list, but so far most of the work's been tracked in issues and pull requests and in the status page in the source repository.
- Get some source releases.
- The source repository. Clone it by running
git clone https://pagure.io/certmonger.git and have at it.