Are there any open source PKI solutions that don't suck?

Question

We are a small IoT Startup and looking for a PKI solution to provision certificates for our devices. I had a look at openxpki, smallstep and PrimeKey, but either they are a pain to run or really expensive.Do you know any other solutions? :)

verdverm · Accepted Answer

CFSSL, cloudflare's OSS CLI for PKI

Nextgrid · Answer

XCA if you need something simple running on a single machine.

rektide · Answer

dogtags (perhaps via freeipa) or cfssl could be options, potentially.

botanicalfriend · Answer

Vault X.509

yuppie_scum · Answer

LetsEncrypt