KrakenKey - Automated TLS certificates in minutes.

KrakenKey automates TLS certificate issuance using ACME DNS-01 challenges. Submit a CSR through the dashboard, CLI, or REST API, and your certificate is issued in about 4 minutes. Private keys are generated client-side and never touch our servers. Certificate monitoring, expiry notifications, and auto-renewal are built in. Free tier includes 3 domains and 10 certificates. Open source.

Hey everyone! I built KrakenKey because managing TLS certificates manually is tedious -- and it's about to get worse. Certificate lifetimes dropped to 200 days this month and will shrink to 47 days by 2029. Renewing by hand every few weeks isn't realistic. KrakenKey handles the hardest part: you submit a CSR (or generate one in the browser), and it takes care of DNS-01 validation and issuance and renewal automatically. The whole process takes about 4 minutes. Privacy was a core design goal. CSRs are generated client-side using the WebCrypto API, so your private key never leaves your browser. If you use the CLI, same thing -- keys stay on your machine. There's a free tier that covers most individual use cases (3 domains, 10 certs, auto-renewal). The project is open source if you want to look under the hood. Would love to hear your feedback -- especially around what integrations or features would make this more useful for your workflow.

KrakenKey - Automated TLS certificates in minutes.

Replies