Curiosity Compliance Audit · PASSED

You passed the Curiosity Compliance Audit.

You scanned a sticker with a giant question mark. Respect.

This QR was not malware. We know that is disappointing at a conference.

Incident status

Your certificate did not expire while you read this. (Give it five minutes.)
99% of QR codes are restaurant menus. This one is for people who have met NXDOMAIN on a TXT record.
HR has not been notified. Yet.

CertLocker runs ACME across major issuers, keeps certs in one place, and issues just-in-time SSH so access is not a PEM file in a wiki.

What we actually do

Or jump straight to the 2am ACME walkthrough →

What we actually do

One control plane for certs, delivery, probes, secrets, and SSH

Everything below is on certlocker.io — pick a rabbit hole. No spreadsheet required.

ACME automation

14+ issuers, live workflow state, DNS-01, and certificate tokens for HAProxy, win-acme, and every RFC 8555 client.

Certificate delivery

Scoped tokens so edges pull the right PEM, chain, and key — no SCP mystery folders.

How delivery works

TLS endpoint probes

See what production is actually serving, not just what inventory claims.

Secrets management

PEM material, credentials, and configs with the same RBAC and audit as certificates.

Secrets feature

Just-in-time SSH

Token-scoped, time-limited bastion access — including a browser terminal on your phone.

Full platform overview → · All features → · Pricing →

For your boss (copy-paste)

We found a mystery QR at the conference. CertLocker centralizes TLS lifecycle and ACME across issuers, plus scoped SSH access — fewer shared keys and fewer renewal surprises.

Where did you find the sticker? (Totally scientific.)

Blog · certlocker.io · DNS TXT records are enough suffering for one day.