Server
Let agents create and run a private certificate authority so internal services get trusted HTTPS without public CA gymnastics.
Overview
Certman is a MCP server for the Ship phase that lets agents create and manage a private Certificate Authority for internal HTTPS.
What is this MCP server?
- Hosted streamable-http remote at https://mcp.certman.app
- Create and manage your own Certificate Authority
- Targets internal HTTPS rather than only public production certs
- Registry version 1.0.1 with no extra secret vars in the published schema
- Single remote endpoint for MCP clients
- 1 published streamable-http remote endpoint
What problem does it solve?
Internal apps stay on untrusted self-signed certs because spinning up and maintaining a private CA feels too manual for a one-person ops stack.
Who is it for?
Builders shipping internal APIs, staging environments, or homelab services who want MCP-guided CA management.
Skip if: Teams who only need standard public Let’s Encrypt certs for public websites with no private PKI needs.
What do I get? / Deliverables
You can issue and manage internal TLS through agent-driven Certman tools so private endpoints present coherent HTTPS trust.
- MCP connection to Certman at mcp.certman.app
- Agent-assisted CA operations for internal HTTPS certificates
Recommended MCP Servers
Journey fit
How it compares
Private CA MCP service, not a public CDN TLS panel or application secrets scanner.
Common Questions / FAQ
Who is app.certman/server for?
Solo devs and small teams operating internal HTTPS services who want agent-assisted certificate authority setup instead of one-off openssl scripts.
When should I use app.certman/server?
Use it in Ship when you are securing internal hosts, staging URLs, or private microservices before or alongside production rollout.
How do I add app.certman/server to my agent?
Add the streamable-http remote https://mcp.certman.app in your MCP client config per Certman’s integration docs if auth is required.