Todd H. Gardner
CEO
Todd H. Gardner is the CEO of CertKit and recovering sysadmin who got tired of certificate renewals ruining weekends.
About CertKit
Built by engineers tired of certificate expirations ruining weekends.
CertKit is an independent team building automated SSL/TLS certificate lifecycle management. We started this because we've lived it. Running production systems, watching certs expire at 2am, gluing together CertBot and bash scripts, and paying enterprise prices for tools that somehow still required us to manage them ourselves.
Why CertKit exists
Certificate management has always been broken. For years the choices have been bad: write your own ACME automation (and maintain it forever), buy a six-figure enterprise PKI platform (and still need a team to run it), or pretend the problem will go away (and renew everything by hand at 2am).
Then the industry started shrinking certificate lifetimes. First to 398 days, then 200, with 47-day certificates on the way in 2029. What used to be an annual ritual became a quarterly fire drill became a monthly liability. Manual renewal stopped being a process. It became a security risk.
We built CertKit because we needed it. We're application engineers who got drafted into PKI through years of running production systems. We know what the failure modes look like, because we've caused most of them. CertKit is the certificate management platform we wish had existed ten years ago.
Our team
Eric Brandes
CTO
Eric Brandes is a software engineer who writes about Certificate Transparency, PKI infrastructure, and why certificate discovery is harder than it should be.
Jordan Griffin
VP Engineering
Jordan Griffin is a software engineer at CertKit who wrangles billions of certificate records and writes about making Clickhouse do things it probably shouldn't.
Backed by TrackJS
CertKit is a product of TrackJS, an independent software company founded in 2012 and based in Minneapolis, Minnesota. For more than a decade, TrackJS has built developer tools used by thousands of engineering teams, including TrackJS error monitoring, Request Metrics web performance monitoring, and RemoteJS remote debugging.
We're bootstrapped. There are no VCs, no acquisition timelines, no growth-at-any-cost pressure. We build tools we'd want to use ourselves, sell them honestly, and stick around to support them. CertKit is the same kind of product, built the same way.
How we work
Trust through accountability
Certificate management is fundamentally a trust problem. We generate and hold your private keys so you don't have to spread them across the servers and laptops of everyone on your team. Keys are generated with strong randomness, stored encrypted, and accessed by a narrow set of operators with logged actions. When something goes wrong, you have one place to look instead of auditing every box.
Automation that's actually automated
Half-baked automation is worse than manual processes. CertKit issues, renews, deploys, and verifies certificates end-to-end. If something fails, we alert you with the actual error message and a remediation path, not a generic "deployment failed."
Support from the people who built it
When you email us, you get an engineer who works on CertKit, not a tier-1 script reader. We answer technical questions with technical answers. We've fixed our own certificate outages at 3am and we know what you need from a vendor in that moment.
Try it out
Start free, or talk to us first. Either works.