🔒 CERTICA — CERTs In a Click, Always.

Certica is a user-friendly CA certificate generation tool for local development and testing with multi-language support.

🎯 Are You Tired of Certificate Management Headaches?

Hey there, developer or small system operator! 👋

You know that feeling when you're trying to test your system's TLS setup, or setting up some open-source software, or working with container tools, and you need to manually sign certificates? Yeah, we've all been there.

Since you're working in a development or small internal system environment, security requirements aren't super strict, but the certificate management process is still a pain:

"Where did I put that CA again?" 🤔 You've created so many CAs for different projects, and now you can't remember which certificate belongs to which CA.
"Wait, when does this certificate expire?" ⏰ You set it up months ago, and now you're getting TLS errors out of nowhere.
"What was that OpenSSL command again?" 📝 You know you've done this before, but the exact command syntax? Nope, it's gone from your memory.
"Ugh, preparing those config files is so tedious!" 😫 You need to carefully craft those DNS names and domain names, and one tiny typo means starting all over.
"This is killing my productivity!" 😤 What should be a 2-minute task turns into a 20-minute debugging session.

Well, those days are NO MORE! 🎉

Meet Certica - Your TLS Management Superhero

Certica is here to save your day! It's designed to be dead simple - even a complete beginner can use it. Whether you're a developer or a small system operator, Certica is your TLS management magic wand.

What does Certica do? Just three things, and it does them brilliantly:

Generate CAs - Create root certificate authorities with ease
Sign Certificates - Issue certificates quickly with the right DNS names and domains
Manage Relationships - Keep track of which certificate belongs to which CA, automatically

How simple is it?

Installation? One command: pip install certica
UI? Beautiful, intuitive, and works right in your console - no GUI needed!
Command line? One simple command, and you've got a certificate ready for testing or simple deployments
Templates? Save your common configurations and reuse them - no more typing the same stuff over and over

The best part? It's so easy that even a complete beginner can use it. But it's powerful enough to be a real game-changer for developers and operators managing TLS certificates.

Currently supports Linux only, with full console UI interaction support.

Certica UI Demo

✨ Features

🔐 Root CA Creation - Generate self-signed root certificates and private keys
📜 Certificate Signing - Sign server and client certificates with configurable DNS names and IP addresses
📝 Template Support - Save common configurations in templates to reduce repetitive input
🎨 Interactive UI - Beautiful terminal graphical interface using Rich library with emoji icons
💻 Command Line Interface - Full CLI support for automation and scripting
🔧 System Integration - Install/remove CA certificates from system trust store
🌍 Multi-Language - Support for English, Chinese, French, Russian, Japanese, and Korean
🗂️ Smart Organization - Certificates automatically organized by CA for easy management
✅ Installation Verification - Automatic verification of certificate installation and removal
🐧 Multi-Distribution - Automatic Linux distribution detection with appropriate installation methods

📦 Installation

For End Users

Option 1: Install with pip (Standard Method)

pip install certica

Option 2: Install with uv (Fast and Recommended)

uv is a fast Python package installer. First, install uv:

# Install uv
curl -LsSf https://astral.sh/uv/install.sh | sh

Then install certica from PyPI:

# Install certica using uv
uv pip install certica

Or if you prefer to use uv in a virtual environment:

# Create a virtual environment
uv venv

# Activate the virtual environment
# On Linux/macOS:
source .venv/bin/activate
# On Windows:
.venv\Scripts\activate

# Install certica
uv pip install certica

Verify Installation

After installation, verify that certica is installed correctly:

certica --help

You should see the help message with available commands.

Quick Start After Installation

Once installed, you can immediately start using certica:

# Launch interactive UI (recommended for beginners)
certica ui

# Or use command line mode
certica create-ca --name myca

For Developers

Development Setup with uv (Recommended)

This project uses uv for fast dependency management. Install uv first:

curl -LsSf https://astral.sh/uv/install.sh | sh

Then set up the development environment:

Recommended: For active development

# Install package with all development dependencies (recommended)
make dev-install

# Or manually with uv (dev group is installed by default)
uv sync --group docs

Alternative: Dependencies only (for CI/CD or code review)

# Create virtual environment and install dependencies only (without installing the package)
# Useful for: CI/CD pipelines, code review, or when you only need development tools
make setup-venv

# Later, if you need to install the package:
make install

All make commands will automatically use uv if available, otherwise fall back to pip.

For detailed setup instructions, see SETUP.md.

🚀 Quick Start

Interactive UI Mode (Recommended for Beginners)

To launch the interactive UI, use the ui command:

certica ui

Or with a specific language:

certica ui --lang zh  # Chinese
certica ui --lang fr  # French
certica ui --lang ru  # Russian
certica ui --lang ja  # Japanese
certica ui --lang ko  # Korean

Important Notes:

The --lang option is only available in UI mode (certica ui --lang <code>)
CLI commands always use English for script compatibility
Running certica without any command shows help information

The interactive interface provides:

🎨 Beautiful graphical interface
🔒 Clear menu options with emoji icons
📋 Formatted table displays
🖥️ Automatic certificate type recognition
📑 Filter certificates by CA

Command Line Mode

Important:

Running certica without any command shows help information
Use certica ui to enter interactive mode
The --lang option is only available in UI mode (certica ui --lang <code>)
CLI commands always use English for script compatibility

Create Root CA Certificate

# Use default values
certica create-ca

# Custom parameters
certica create-ca --name myca --org "My Company" --validity 3650

# Use template
certica create-ca --template myorg --name myca

Sign Certificate

# Sign server certificate
certica sign --ca myca --name nginx-server --type server \
    --dns localhost --dns example.com --ip 127.0.0.1

# Sign client certificate
certica sign --ca myca --name client1 --type client

# Use template
certica sign --ca myca --name server1 --template myorg --type server

List Certificates

# List all CAs
certica list-cas

# List all signed certificates
certica list-certs

# List certificates for a specific CA
certica list-certs --ca myca

System Certificate Management

# Install CA to system (requires sudo privileges)
certica install --ca myca

# Remove CA from system (requires sudo privileges)
certica remove --ca myca

🌍 Language Support

Certica supports multiple languages in UI mode only. Use the --lang or -l option with the ui command:

# Launch UI with English (default)
certica ui

# Launch UI with Chinese
certica ui --lang zh

# Launch UI with French
certica ui --lang fr

# Launch UI with Russian
certica ui --lang ru

# Launch UI with Japanese
certica ui --lang ja

# Launch UI with Korean
certica ui --lang ko

Supported languages:

en - English (default)
zh - Chinese (中文)
fr - French (Français)
ru - Russian (Русский)
ja - Japanese (日本語)
ko - Korean (한국어)