EdgeCA is an ephemeral, in-memory CA providing service mesh machine identities

View the Project on GitHub edgesec-org/edgeca


EdgeCA is an ephemeral, in-memory CA providing service mesh machine identities. It automates the management and issuance of TLS certificates. It can either run with a self-certificated Root CA certificate or use an issuing certificate retrieved using the Venafi vCert software.

It solves the many limitations of the embedded service mesh CAs by providing developers a fast, easy, and integrated source of machine identities whilst also providing security teams with the required policy and oversight.

It also enables ephemeral certificate-based authorization, which reduces the need for permanent access credentials, explicit access revocation or traditional SSH key management.

EdgeCA is open source, written in Go, and licenced with the Apache 2.0 Licence

For more information read these instructions on how to install and run EdgeCA.

The easiest way to install the application is to use snaps

snap install edgeca

Get it from the Snap Store

Contributing to EdgeCA

EdgeCA is an open source project currently in early development stages. We welcome and appreciate all contributions from the developer community. Please read our documentation on contributing for more information. To report a problem or share an idea, create an Issue and then use Pull Requests to contribute bug fixes or proposed enhancements. Got questions? Join us on Slack!


Copyright 2020-2021 © EdgeSec OÜ. All rights reserved.

EdgeCA is licensed under the Apache License, Version 2.0. See LICENSE for the full license text.