Last modified 22 months ago Last modified on 05/07/15 21:09:13


certmonger is a D-Bus-based service which attempts to simplify interaction with certifying authorities (CAs) on networks which use public-key infrastructure (PKI).

  • If it knows the location of a certificate, certmonger can track the expiration date and notify you when the certificate is about to expire.
  • If it has access to the corresponding private key and information about the CA which issued the certificate, certmonger can even attempt to automatically obtain a new certificate.
  • Supports certificate and key storage in PEM or NSSDB formats.
  • Can self-sign certificates, sign them with a system-local certificate, or can submit them to either certmaster, IPA, Dogtag, or an SCEP-compatible server for signing.


Mailing List

There's a mailing list, but so far most of the work's been tracked in this ticketing system and in the status page in the source repository.

Source Code