cfssl

CloudFlare's PKI/TLS toolkit

CFSSL is CloudFlare's PKI/TLS swiss army knife. It is both a command line tool and an HTTP API server for signing, verifying, and bundling TLS certificates. CFSSL consists of: * the cfssl program, which is the canonical command line utility using the CFSSL packages. * the multirootca program, which is a certificate authority server that can use multiple signing keys. * the mkbundle program for building certificate pool bundles. * the cfssljson program, which takes the JSON output from the cfssl and multirootca programs and writes certificates, keys, CSRs, and bundles to disk.