# Certwarden Certificate Management

A bash script for managing SSL/TLS certificates through the Certwarden API. This tool provides a simple interface for downloading, installing, and managing certificates on your system.

## Features

- Download certificates and private keys from Certwarden server
- Automatic installation with proper permissions
- List installed certificates
- Check certificate expiration dates
- Interactive menu-driven interface
- Automated mode support through environment variables

## Prerequisites

The script requires the following dependencies:
- `curl`: For API interactions
- `jq`: For JSON processing
- `openssl`: For certificate operations

## Installation

1. Clone this repository:
```bash
git clone <repository-url>
cd certman
```

2. Make the script executable:
```bash
chmod +x certman.sh
```


3. Create a `.env` file with your configuration:
```bash
CERTWARDEN_SERVER="certwarden.dmz.skyfritt.net"
API_KEY=""

CERT_NAME="$(hostname).crt" # defaults to hostname
CERT_PATH="/etc/ssl/certs"
KEY_PATH="/etc/ssl/private"

AUTO_MODE="false"
TEMP_PATH="/tmp/cert_temp"
```

### Environment Variables Explained

| Variable | Description | Default Value | Required |
|----------|-------------|---------------|----------|
| CERTWARDEN_SERVER | Certwarden API server hostname | certwarden.dmz.skyfritt.net | Yes |
| API_KEY | Your Certwarden API key | Empty | Yes for auto mode |
| CERT_NAME | Certificate name to manage | $(hostname).crt | Yes |
| CERT_PATH | Directory for certificate storage | /etc/ssl/certs | Yes |
| KEY_PATH | Directory for private key storage | /etc/ssl/private | Yes |
| AUTO_MODE | Enable automated operation | false | No |
| TEMP_PATH | Temporary directory for downloads | /tmp/cert_temp | Yes |