x.509 Certificate Provider charms available in a Stable release

x.509 Certificate Provider charms available in a Stable release

X.509 certificates are vital in the security of many Internet protocols, including TLS/SSL. If your charm workload communicates over HTTPS, you most likely need these certificates. Within the Juju ecosystem, the tls-certificates charm relation interface handles X.509 certificate creation, renewal, and revocation.

There are many charms that act as providers of this interface and we are proud to announce that they have all been promoted to a “stable” release.

Self-Signed Certificates

Ideal for development and non-production environments, the self-signed-certificates operator provides self-signed certificates in the charm ecosystem. Upon deployment, the self-signed-certificates operator generates a private key and a Certificate Authority (CA) certificate (that is not signed by any authority). The operator signs each certificate request it receives using this self-signed CA certificate.

Manual TLS Certificates

Your organisation has a manual process to request certificates? No problem. The manual-tls-certificates operator supports Juju actions to list certificate requests, retrieve signing requests, and supply manually obtained certificates.

Let’s Encrypt certificates

You want an automated approach to certificate related operations. Use the LEGO charm operator specific to your DNS provider to request certificates using the ACME protocol.

Route 53


HTTP Request

Want to know more?

If you are not sure which certificates provider is the right one for you, read this topic. You can also join the team on Matrix here.


@mykola.marzhan @deusebio I encourage to point your data platform deployments and documentations to latest/stable! :slight_smile:

1 Like