Package Information
Downloads: 5 weekly / 43 monthly
Latest Version: 1.0.3
Author: Eric Kenny
Documentation
n8n-nodes-bounca
An n8n community node for BounCA — a self-hosted PKI management tool for creating and managing X.509 certificates.
n8n is a fair-code licensed workflow automation platform.
Features
- Certificate Management — Create Root CAs, Intermediate CAs, Server, Client, Code Signing, and OCSP certificates
- Certificate Lifecycle — Revoke, renew, and inspect certificates
- File Downloads — Download PEM files and ZIP bundles as n8n binary data
- CRL Management — Retrieve and renew Certificate Revocation Lists
- App Token Management — Create and manage application API tokens
- Account Management — View and manage the current user account
Supported Resources & Operations
Certificate
| Operation | Description |
|---|---|
| List | List all certificates with filtering (type, revoked, expired, search) |
| Get | Get a certificate by ID |
| Create | Create a new certificate (Root CA, Intermediate CA, Server, Client, etc.) |
| Revoke | Revoke a certificate (soft-delete, updates CRL) |
| Renew | Renew a leaf certificate with a new expiry date |
| Get Info | Get human-readable certificate text info |
| Get Private Key | Retrieve the PEM-encoded private key |
| Download | Download certificate files as binary (PEM or ZIP archive) |
| Get CRL | Download the Certificate Revocation List as binary |
| Renew CRL | Re-sign and publish an updated CRL |
App Token
| Operation | Description |
|---|---|
| List | List all app tokens for the current user |
| Get | Get an app token by ID |
| Create | Create a new named app token |
| Delete | Delete an app token |
Account
| Operation | Description |
|---|---|
| Get | Get the current user account details |
| Delete | Delete the account and all associated certificates |
Installation
Follow the n8n community nodes installation guide.
In your n8n instance, go to Settings > Community Nodes and install:
n8n-nodes-bounca
Credentials
Configure a BounCA API credential with:
| Field | Description |
|---|---|
| Base URL | Your BounCA instance URL (e.g., https://bounca.example.com) |
| Authentication Method | Username & Password (auto-login) or static API Token |
| Username / Password | Used when auth method is Username & Password |
| API Token | Used when auth method is API Token |
| Verify SSL Certificate | Disable for self-signed certificates |
When using Username & Password, the node automatically logs in to obtain an auth token, which is cached for 1 hour to avoid repeated logins.
Certificate Hierarchy
BounCA enforces a strict PKI hierarchy:
Root CA (R)
└── Intermediate CA (I)
├── Server Certificate (S)
├── Client Certificate (C)
├── Code Signing Certificate (D)
└── OCSP Signing Certificate (O)
When creating non-Root certificates, provide the Parent Certificate ID and the Issuer Passphrase (the parent CA's private key passphrase).
Resources
License
MIT