Lemur is a certificate management tool that automates the issuance, renewal, and deployment of SSL/TLS certificates to enhance security and operational efficiency.
Repository for the Lemur Certificate Manager
Lemur is primarily used by security and DevOps teams to manage the lifecycle of digital certificates across an organization, reducing manual overhead and minimizing the risk of expired or misconfigured certificates. It enables automated certificate issuance, renewal, and integration with various certificate authorities and deployment targets.
Lemur requires proper configuration of certificate authorities and access controls to ensure secure operations; it is recommended to run Lemur in a controlled environment with restricted access to private keys and sensitive data.
Clone the repository: git clone https://github.com/Netflix/lemur.git
Navigate to the project directory: cd lemur
Install dependencies: pip install -r requirements.txt
Configure Lemur by editing the configuration files as needed
Initialize the database and run migrations
Start the Lemur server using the provided startup scripts or commandslemur create-certificate --name <cert_name> --authority <CA_name>
Creates a new certificate using the specified certificate authority
lemur renew-certificate --id <certificate_id>
Renews an existing certificate by its unique identifier
lemur list-certificates
Lists all certificates currently managed by Lemur
lemur delete-certificate --id <certificate_id>
Deletes a certificate from Lemur's inventory
lemur export-certificate --id <certificate_id> --format <pem|der>
Exports the specified certificate in the desired format