cfssl

Cloudflare's PKI and TLS toolkit

CFSSL is Cloudflare's PKI/TLS swiss army knife. It is both a command line tool and an HTTP API server for signing, verifying, and bundling TLS certificates. CFSSL consists of: * a set of packages useful for building custom TLS PKI tools * the cfssl program, which is the canonical command line utility using the CFSSL packages * the multirootca program, which is a certificate authority server that can use multiple signing keys * the mkbundle program is used to build certificate pool bundles * the cfssljson program, which takes the JSON output from the cfssl and multirootca programs and writes certificates, keys, CSRs, and bundles to disk