Launched this week

WRVault

Launched this week

mTLS certificate and JWT key management with auto-rotation

4 followers

mTLS certificate and JWT key management with auto-rotation

4 followers

Visit website

Managing X.509 certs and JWT signing keys is tedious — tracking expiry, distributing public keys, rotating manually. WRVault handles the full lifecycle: generate mTLS certs (PEM/DER/PKCS#12), create RSA/ECDSA JWT key pairs with a public JWKS endpoint, and get alerted on Slack/Discord/email before expiry. Auto-rotation on a configurable schedule. REST API and GitHub Actions integration for CI/CD. Free crypto tools included — no account needed.

Free

Launch tags:API•Development•Security

Launch Team

Layout Agent 2.0 — Thinks before it builds

Thinks before it builds

Promoted

Maker

📌

I built WRVault after managing certs and JWT keys manually across a few projects got painful — spreadsheets for expiry tracking, manual JWKS distribution, last-minute rotations. I wanted something that handled the full lifecycle without being a full-blown PKI system or requiring a dedicated ops team. WRVault is the result: generate, rotate, alert, and expose a JWKS endpoint your auth server can point to directly. The free crypto tools (JWT decoder, PEM↔JWK, cert decoder, AES-256-GCM) are there for anyone who needs quick browser-based utilities without signing up. Happy to answer questions about the technical side or specst feedback welcome — especially if something feels missingfor your workflow.

Report

2d ago

Nice launch, Walid. I like that you’re trying to solve the annoying middle ground between manual cert/key management and a full-blown PKI setup.

I’m curious what you’ve seen developers struggle with most in this workflow. Is WRVault mainly helping with expiry tracking, safe rotation, or making JWT public key distribution less painful?

Report

14h ago

Maker

@danush_singla Thanks Danush! Honestly all three, but expiry tracking + last-minute rotation causes the most pain in practice, most teams rely on a calendar reminder until it fails them. The JWKS endpoint solves the “which public key is current?” problem across multiple services. Happy to dig into any specific part of your workflow!

Report

14h ago

@vaulter That makes sense. I’ll admit I’m more used to managed cloud setups where AWS abstracts a lot of the key/cert pain away, so I haven’t had to manage this exact workflow directly.

But I can see how the calendar-reminder approach becomes dangerous once multiple services depend on the right key being current. For teams using WRVault, is the first big value usually avoiding expiry surprises, or getting enough confidence in rotation that they stop handling it manually?

Report

13h ago

Maker

@danush_singla Both, but they're sequential. Expiry surprises are usually what brings someone in; a cert dies on a Friday night and the team realises their "process" was a calendar reminder nobody owned. The stickier value is rotation confidence: once alerts and a JWKS endpoint are in place, rotation stops feeling like a risky event and becomes routine.

The AWS comparison is fair, ACM handles TLS certs well, but JWT signing keys are still a gap. No managed service covers "generate a key, publish it as JWKS, alert before expiry, rotate without breaking downstream services." That's the slice WRVault is targeting.

Report

13h ago

That makes sense. Expiry surprises get attention, but rotation confidence is what makes it stick.

I’m curious how you handle the team that knows their current process is fragile, but hasn’t been burned badly enough yet to change it. Do they usually understand the risk right away when they see WRVault, or do you have to show them what could break in their current key/cert workflow before they take it seriously?

Report

13h ago