End-to-end encryption for every workload, device, and person.
Quickly identify security issues, prioritize what matters, and protect network assets. Built for modern operational environments on the cloud and on-premise.
When security is easy, everyone wins.
Smallstep turns zero trust into practical tools and platforms that empower teams to properly secure their infrastructure.
The Smallstep Platform
Certificate Manager
Automated TLS/SSL Certificates
Dramatically decrease your attack surface for your entire organization. Smallstep Certificate Manager quickly gets you up and running by createing your own private certificate authority, managing certificates and endpoints, and automating all of the renewal processes.
Smallstep SSH
Single Sign-On SSH
Use SSH Certificates to bridge the gap between your identity provider and your servers.
Use Cases
Private ACME Server
Automatically Issue and renew certificates on servers, internal websites, and the entire ACME ecosystem without human interaction.
Self-Service Certificates
Streamline manual workflows and connect single sign-on for humans accessing APIs, certificate creation, or mTLS & SSH connections.
Workload Identity
Manage cryptographic identities across all your microservices, bots, virtual machines, and workloads using short-lived TLS certificates.
Device Identity
Connect IoT devices to cloud, identify machines in the field, and secure mobile and laptop connections with automated credentials.
The Smallstep Platform
An opinionated, extensible platform for DevSecOps public key infrastructure (PKI)
Authority
Certificate or registration authorities powered by step-ca. Authorities are used to issue and sign certificates.
Certificate or registration authorities powered by step-ca. Authorities are used to issue and sign certificates.
Machinery for end-to-end certificate lifecycle management. Provisioners identity proof certificate signing requests.
Endpoint catalogs provide teams with the ability to view what matters, the endpoint, not the certificate. Build and promote good security practices with Endpoint cataloging.
JSON documents to describe the most important attributes of a certificate. Templates are used to customize x.509 or SSH certificates for any use case.
Monitoring and alerting for Endpoints and certificate lifecycle activities. Observability events deliver peace of mind and empower compliance audits.
Run Anywhere
High availability, effortless scalability, and for-the-masses usability— in our cloud or yours
Built on the Leading Open Source Certificate Toolchain
step-ca provides the infrastructure, automations, and workflows to securely create and operate a private certificate authority.
step is the command-line tool for developers, operators, and security professionals to configure, operate, and automate the smallstep toolchain.
Trusted By
Smallstep is a very powerful yet simple to use toolchain that works exactly as intended.
KCF Technologies
The ease of using Smallstep, without having to think too hard about getting it right, made a big difference.
James Legg from Conversocial
Smallstep SSH is exactly what we needed. The security benefits and time savings made it easy to justify the investment.
Joe Doss, Principal Systems Architect
Get Started Today!
Automate certificates for all your workloads and people with the Smallstep Platform.
Related Resources
Get your self-service free hosted private CA today
Try Certificate Manager >
Experience single sign-on SSH using certificates in 5 min
Try free >
Join our discord community for all things open-source smallstep
Smallstep on Discord >