[twakefield]

Disclosure: I work at the company that created Teleport.

Teleport [0] should hopefully make it easier to use certificates.

An alternative implementation is Netflix’s Bless [1].

[0] https://github.com/gravitational/teleport

[1] https://github.com/Netflix/bless