SS
ssl-certificate-management
>
Install
mkdir -p .claude/skills/ssl-certificate-management && curl -L -o skill.zip "https://agentskills.codes/api/skills/download/16155" && unzip -o skill.zip -d .claude/skills/ssl-certificate-management && rm skill.zipInstalls to .claude/skills/ssl-certificate-management
Activation
This is the description your AI agent reads to decide when to run this skill — the better it matches your request, the more reliably it fires.
Manage SSL/TLS certificates with automated provisioning, renewal, and monitoring using Let's Encrypt, ACM, or Vault.116 charsno explicit “when” trigger
About this skill
SSL Certificate Management
Table of Contents
Overview
Implement automated SSL/TLS certificate management across infrastructure, including provisioning, renewal, monitoring, and secure distribution to services.
When to Use
- HTTPS/TLS enablement
- Certificate renewal automation
- Multi-domain certificate management
- Wildcard certificate handling
- Certificate monitoring and alerts
- Zero-downtime certificate rotation
- Internal PKI management
Quick Start
Minimal working example:
# cert-manager-setup.yaml
apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
name: letsencrypt-prod
spec:
acme:
server: https://acme-v02.api.letsencrypt.org/directory
email: [email protected]
privateKeySecretRef:
name: letsencrypt-prod
solvers:
# HTTP-01 solver for standard domains
- http01:
ingress:
class: nginx
selector:
dnsNames:
- "myapp.com"
- "www.myapp.com"
# DNS-01 solver for wildcard domains
- dns01:
route53:
region: us-east-1
// ... (see reference guides for full implementation)
Reference Guides
Detailed implementations in the references/ directory:
| Guide | Contents |
|---|---|
| Let's Encrypt with Cert-Manager | Let's Encrypt with Cert-Manager |
| AWS ACM Certificate Management | AWS ACM Certificate Management |
| Certificate Monitoring and Renewal | Certificate Monitoring and Renewal |
| Automated Certificate Renewal | Automated Certificate Renewal |
| Certificate Pinning | Certificate Pinning |
Best Practices
✅ DO
- Automate certificate renewal
- Use Let's Encrypt for public certs
- Monitor certificate expiration
- Use wildcard certs strategically
- Implement certificate pinning
- Rotate certificates regularly
- Store keys securely
- Use strong key sizes (2048+ RSA, 256+ ECDSA)
❌ DON'T
- Manual certificate management
- Self-signed certs in production
- Share private keys
- Ignore expiration warnings
- Use weak key sizes
- Mix dev and prod certs
- Commit certs to git
- Disable certificate validation