Managing TLS certificates often means chasing expiry dates, setting reminders, and manually rotating certs—a process that’s fragile and prone to outages. To prove there’s a better way, I built a prototype combining n8n and HashiCorp Vault that demonstrates the power of automation, and had the opportunity to present this work as a talk at Mumbai FOSS 2025. The Prototype in Action

The workflow I showcased was simple yet powerful:

Monitoring expiry with early alerts

Triggering automatic renewals via Vault’s PKI engine

Deploying renewed certificates without manual steps

Validating results in Vault for full transparency

This wasn’t a slide deck—it was about demonstrating the ability such a system can provide: hands-off certificate lifecycle management, built entirely on open-source tools.

Why n8n + Vault?

n8n brings the flexibility of a visual automation platform—easy to extend, no coding required for most steps.

Vault provides a battle-tested PKI engine with strong security guarantees.

Together, they eliminate vendor lock-in, subscription costs, and opaque “black box” processes.

Beyond the Demo

While I shared this prototype in a lightning talk at Mumbai FOSS 2025, the real takeaway is that any team can replicate it today. Whether managing a handful of certs or rolling this out across multiple environments, the approach scales with your needs.

As a bonus, this same session was also wait-listed for the Open Source Summit India 2025, highlighting the growing interest in practical, open-source security automation.