@teamnetwork-nz/sslstore-mcp-server
v0.3.0
MCP server for the SSLStore (The SSL Store) certificate API — manage the full SSL/TLS certificate lifecycle from Claude
sslstore-mcp-server
MCP server for The SSL Store certificate API. Manage the full SSL/TLS certificate lifecycle — order, validate, download, reissue, and revoke certificates — directly from Claude or any MCP-compatible client.
Features
- Browse the product catalogue and pricing
- Generate RSA private keys and CSRs locally (key never leaves the machine)
- Place, track, query, and search certificate orders
- Download issued certificates in PEM, DER, PKCS7, or ZIP format
- Reissue and revoke certificates
- Manage domain control validation (DCV) — resend or change approver emails, switch to DNS/HTTP validation
- Bundle certificates into PFX/PKCS12 for Windows / IIS / Azure
- Configure order status webhooks
- Sandbox and read-only modes for safe exploration
- Local-timezone date display — all API dates converted to your local time automatically
Requirements
- Node.js 18+
- An SSL Store partner account — sign up here
Installation
```bash
npm install -g sslstore-mcp-server
```
Or run directly with npx (no install needed):
```bash
npx sslstore-mcp-server
```
Configuration
All configuration is via environment variables.
| Variable | Required | Default | Description |
|---|---|---|---|
| SSLSTORE_PARTNER_CODE | Yes | — | Your SSL Store partner code |
| SSLSTORE_AUTH_TOKEN | Yes | — | Your SSL Store auth token |
| SSLSTORE_SANDBOX | No | true | Set to false to use the live API |
| SSLSTORE_READONLY | No | true | Set to false to enable write operations |
| SSLSTORE_KEY_DIR | No | ./keys | Directory where generated private keys are saved |
| DATETIMEFORMAT | No | local | Timezone for date display. local = system timezone; any IANA name (e.g. Pacific/Auckland, America/New_York) pins a specific zone |
Defaults are safe: the server starts in sandbox + read-only mode. You must explicitly set SSLSTORE_SANDBOX=false and SSLSTORE_READONLY=false to place real orders.
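As an added example (not part of the package), a Node.js pre-flight check for an MCP client config of the shape this README uses: it reports when the sslstore entry runs live with writes enabled, carries the auth token inline, or points at a key directory open to other users. How the server parses flag values and resolves a relative SSLSTORE_KEY_DIR are assumptions, and `auditSslstoreConfig`, `flagOn` and the sample values are names introduced here.

```javascript
// Added example (not project code): audit an MCP client config before use.
const fs = require("fs");
const path = require("path");

// Assumption: a flag is off only when set to the string "false";
// unset means the documented default of "true".
const flagOn = (env, name) =>
  String(env[name] ?? "true").trim().toLowerCase() !== "false";

function auditSslstoreConfig(config, baseDir = process.cwd()) {
  const findings = [];
  for (const [name, server] of Object.entries(config.mcpServers ?? {})) {
    const args = server.args ?? [];
    if (!args.some((a) => String(a).includes("sslstore-mcp-server"))) continue;
    const env = server.env ?? {};
    if (!flagOn(env, "SSLSTORE_SANDBOX") && !flagOn(env, "SSLSTORE_READONLY")) {
      findings.push(`${name}: live API with write operations (order, reissue, revoke) enabled`);
    }
    const token = env.SSLSTORE_AUTH_TOKEN;
    if (token && token !== "your-auth-token") {
      findings.push(`${name}: SSLSTORE_AUTH_TOKEN is stored inline in the config file`);
    }
    // Generated private keys are written to SSLSTORE_KEY_DIR (default ./keys).
    // Assumption: a relative path resolves against the server's working directory.
    const keyDir = path.resolve(baseDir, env.SSLSTORE_KEY_DIR ?? "./keys");
    // POSIX mode bits only; Windows ACLs are not visible through stat().
    if (fs.existsSync(keyDir) && (fs.statSync(keyDir).mode & 0o077) !== 0) {
      findings.push(`${name}: key directory ${keyDir} is accessible to group/other`);
    }
  }
  return findings;
}

// Constructed sample input: same shape as the setup examples, made-up values.
const SAMPLE_CONFIG = {
  mcpServers: {
    sslstore: {
      command: "npx",
      args: ["sslstore-mcp-server"],
      env: {
        SSLSTORE_PARTNER_CODE: "constructed-partner",
        SSLSTORE_AUTH_TOKEN: "constructed-token-123",
        SSLSTORE_SANDBOX: "false",
        SSLSTORE_READONLY: "false",
      },
    },
  },
};

console.log(auditSslstoreConfig(SAMPLE_CONFIG));
```

An empty result means the entry either stays on the sandbox/read-only defaults or has no finding the check covers; it does not inspect how the MCP client itself stores the file.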
MCP client setup
Claude Code
Add to your project's .mcp.json or user-level MCP config:
```json
{
  "mcpServers": {
    "sslstore": {
      "command": "npx",
      "args": ["sslstore-mcp-server"],
      "env": {
        "SSLSTORE_PARTNER_CODE": "your-partner-code",
        "SSLSTORE_AUTH_TOKEN": "your-auth-token",
        "SSLSTORE_SANDBOX": "false",
        "SSLSTORE_READONLY": "false",
        "DATETIMEFORMAT": "Pacific/Auckland"
      }
    }
  }
}
```
Claude Desktop
Add to claude_desktop_config.json:
```json
{
  "mcpServers": {
    "sslstore": {
      "command": "npx",
      "args": ["sslstore-mcp-server"],
      "env": {
        "SSLSTORE_PARTNER_CODE": "your-partner-code",
        "SSLSTORE_AUTH_TOKEN": "your-auth-token",
        "SSLSTORE_SANDBOX": "false",
        "SSLSTORE_READONLY": "false",
        "DATETIMEFORMAT": "Pacific/Auckland"
      }
    }
  }
}
```
Agent guidance
The server supplies MCP instructions that are automatically delivered to the calling agent at session start. These cover:
- Mode awareness — sandbox vs live, read-only vs read-write, which tools are available
- Datetime format — accepted input formats (YYYY-MM-DD or MM/DD/YYYY), timezone-aware output
- Typical workflow — step-by-step from credentials check through to certificate download
- DCV options — email, DNS, and HTTP validation; how to resend or switch method
- Irreversible operations — revocation warning, private key security
- Order searching — filtering by domain, status, expiry window
No special prompting is required — the agent receives these guidelines automatically.
Tools
Discovery
| Tool | Description |
|---|---|
| validate_credentials | Verify the API is reachable and credentials are valid |
| list_products | Browse available certificate products and pricing, optionally filtered by type (DV/OV/EV/Wildcard/Multi-Domain) |
| get_approver_list | Get valid DCV approver email addresses for a domain before ordering |
Key & CSR
| Tool | Description |
|---|---|
| create_certificate_request | Generate an RSA private key and CSR locally. The private key is saved to disk and never transmitted. Optionally validates the CSR via the API. |
Orders
| Tool | Description |
|---|---|
| submit_order | Place a new certificate order (requires SSLSTORE_READONLY=false) |
| get_order_status | Track fulfilment status and domain validation progress |
| query_order | Retrieve full order details including contacts and organisation info |
| search_orders | Search and filter orders by domain, status, date range, or expiry window |
| reissue_certificate | Reissue an existing order with a new CSR (requires SSLSTORE_READONLY=false) |
| revoke_certificate | Revoke an issued certificate — irreversible (requires SSLSTORE_READONLY=false) |
Domain Control Validation
| Tool | Description |
|---|---|
| resend_approver_email | Resend the DCV email or switch to DNS/HTTP validation (requires SSLSTORE_READONLY=false) |
| change_approver_email | Permanently change the approver email and trigger a new validation email (requires SSLSTORE_READONLY=false) |
Certificate files
| Tool | Description |
|---|---|
| download_certificate | Download the issued certificate in PEM, DER, PKCS7, or ZIP format. Can optionally save to disk. |
| create_pfx | Bundle a certificate, CA chain, and private key into a PFX/PKCS12 file for Windows/IIS/Azure |
Settings
| Tool | Description |
|---|---|
| set_order_callback | Configure a webhook URL for order status notifications (requires SSLSTORE_READONLY=false) |
Typical workflow
1. validate_credentials — confirm API access
2. list_products — find the right product code
3. get_approver_list — get valid DCV emails for your domain
4. create_certificate_request — generate key + CSR for your domain
5. submit_order — place the order
6. get_order_status — poll until status is ACTIVE
7. download_certificate — save the issued cert
8. create_pfx — bundle for deployment (optional)

Date handling
All dates are shown in the timezone configured by DATETIMEFORMAT. Dates you supply as input (e.g. search date ranges) are accepted in YYYY-MM-DD or MM/DD/YYYY format and sent to the API correctly. API responses in UTC are automatically converted for display.
Development
```bash
git clone https://github.com/TEAMnetwork-NZ/sslstore-mcp.git
cd sslstore-mcp
npm install
npm run dev        # watch mode with tsx
npm run build      # compile to dist/
npm run typecheck  # type check without emitting
```
License
MIT
