# VaulTLS ## mTLS certificate management made easy On this subreddit there is at least once a week a post about how to secure our home servers. I...
This is an automated archive made by the Lemmit Bot.

The original was posted on /r/selfhosted by /u/7ritn on 2025-06-12 13:23:19+00:00.

VaulTLS

mTLS certificate management made easy

On this subreddit there is at least once a week a post about how to secure our home servers. I personally believe that mTLS (if supported by the app developer) is the best way. However, this involves creating a CA and managing user certificates. While not difficult per se, it is a hassle having to keep track of expiration dates, copying pkcs12 files as well as managing OpenSSL. Current solution such as certgen do not provide a web interface and others like EJBCA are too much for a simple setup. Thus I created VaulTLS, a certificate management designed for simple deployment and management.

VaulTLS is a modern solution for managing mTLS (mutual TLS) certificates with ease. It provides a centralized platform for generating, managing, and distributing client TLS certificates for your home lab.

Features

  • 🔒 mTLS client and CA certificate management
  • 📱 Modern web interface for certificate management
  • 🔐 OpenID Connect authentication support
  • 📨 Email notifications for certificate expiration
  • 🚀 RESTful API for automation
  • 🛠 Developed around Docker/Podman container
  • ⚡ Built with Rust (backend) and Vue.js (frontend) for performance and reliability

Interested?

You can check it out here: https://github.com/7ritn/VaulTLS

While I have developed VaulTLS mostly because I needed a problem fixed, I hope I can help some of you too.