diff --git a/docker/certmanager/.gitignore b/docker/certmanager/.gitignore
new file mode 100644
index 0000000000000000000000000000000000000000..195e616971c0463859cc440c8e64bdc745cfb309
--- /dev/null
+++ b/docker/certmanager/.gitignore
@@ -0,0 +1 @@
+/certificates/
\ No newline at end of file
diff --git a/docker/certmanager/config b/docker/certmanager/config
new file mode 100644
index 0000000000000000000000000000000000000000..d265935490a4a2b033b012f3cc8870c279475ad6
--- /dev/null
+++ b/docker/certmanager/config
@@ -0,0 +1,12 @@
+export CERTNAME=rootCA
+export KEYSIZE=2048
+export CLIENTEXP=1491
+export ROOTEXP=2992
+
+export NUMCLIENTS=1
+
+export STATE="SC"
+export CITY="Florianopolis"
+export ORG="UFSC"
+export UNIT="Lisha"
+export HOST="localhost"
diff --git a/docker/certmanager/create-ca.sh b/docker/certmanager/create-ca.sh
new file mode 100755
index 0000000000000000000000000000000000000000..91fe315fdea89f134c125e740ab02107c4f28153
--- /dev/null
+++ b/docker/certmanager/create-ca.sh
@@ -0,0 +1,7 @@
+#!/bin/bash
+
+cd /certmanager
+
+. config
+openssl genpkey -algorithm RSA -out certificates/rootCA.key -pkeyopt rsa_keygen_bits:2048
+openssl req -x509 -new -nodes -key certificates/rootCA.key -sha256 -days 3650 -out certificates/rootCA.pem -subj "/C=BR/ST=$STATE/L=$CITY/O=$ORG/OU=$UNIT/CN=$HOST" -set_serial "0x$(openssl rand -hex 8)"
\ No newline at end of file
diff --git a/docker/certmanager/genclient.sh b/docker/certmanager/genclient.sh
new file mode 100755
index 0000000000000000000000000000000000000000..6c5dccb63ac02048f9d4982fb5a53fe827df5b98
--- /dev/null
+++ b/docker/certmanager/genclient.sh
@@ -0,0 +1,59 @@
+#!/bin/bash
+# Caciano Machado/Juliano Zatta - 16/10/2017
+
+cd /certmanager
+
+. config
+
+cd certificates
+
+# Initilize if not available the certificate list
+NUMPREVCERT=`tail -n 1 certificate_list | cut -d " " -f 1`
+ISNUM='^[0-9]+$'
+
+# Update - 30-10-2020 - Roberto M. Scheffel - Added receiver and purpose description, for documentation
+
+receiver=$1
+descr=$2
+if [ -z "$receiver" ]
+then
+   echo 'Usage: ' $0 '<receiver name>' '<purpose short description>.'
+   exit
+fi
+if [ -z "$descr" ]
+then
+   echo 'Usage: ' $0 '<receiver name>' '<purpose short description>.'
+   exit
+fi
+
+if [[ -a certificate_list ]]; then
+    if ! [[ $NUMPREVCERT =~ $ISNUM ]]; then
+        echo "ERROR: File certificate_list corrupted. This file stores the list of generated certificates and respective serial numbers."
+        exit -1
+    fi
+    CURRCLIENT=$((NUMPREVCERT + 1))
+    LASTCLIENT=$((NUMCLIENTS + NUMPREVCERT))
+else
+    CURRCLIENT=1
+    LASTCLIENT=$NUMCLIENTS
+fi
+
+for i in `seq $CURRCLIENT $LASTCLIENT`; do    
+    # Generate RSA key
+
+    echo "openssl genrsa -out client-$i.key $KEYSIZE"
+    openssl genrsa -out client-$i.key $KEYSIZE
+
+    # Generate certificate request
+    echo "openssl req -subj \"/C=BR/ST=$STATE/L=$CITY/O=$ORG/OU=$UNIT/CN=$HOST\" -new -key client-$i.key -out client-$i.req"
+    openssl req -subj "/C=BR/ST=$STATE/L=$CITY/O=$ORG/OU=$UNIT/CN=$HOST" -new -key client-$i.key -out client-$i.req
+    # Generate certificate
+    echo "openssl x509 -req -in client-$i.req -CA ${CERTNAME}.pem -CAkey ${CERTNAME}.key -CAcreateserial -out client-$i.pem -days $CLIENTEXP -sha256"
+    openssl x509 -req -in client-$i.req -CA ${CERTNAME}.pem -CAkey ${CERTNAME}.key -CAcreateserial -out client-$i.pem -days $CLIENTEXP -sha256
+    serial=`openssl x509 -in client-$i.pem -serial -noout | cut -d "=" -f 2`
+    echo $i $serial
+    echo $i $serial `date "+%F-%T"` `whoami` ' | ' $receiver ' | ' $descr >> certificate_list
+    mv client-$i.key client-$i-$serial.key
+    mv client-$i.pem client-$i-$serial.pem
+    rm -f client-$i.req
+done
\ No newline at end of file