Batch-generate certificate PDFs with unique verify codes — on a verify page you host.
Training providers, course creators, event organisers, and HR teams all hit the same wall: fifty (or five hundred) people finish, and each needs a certificate — plus a way for an employer to check it's real, years later. Doing it by hand means mail-merging documents one at a time and answering verification emails forever. Certificate SaaS charges per certificate or per month, and the verify page dies with the subscription.
Design templates with title, body, merge tokens ({recipient}, {course}, {date}, {issuer}, {code}), signatory line, orientation, and optional logo/seal text.
Import recipients from CSV with columns matched by header name, or add them manually.
Template × recipient list → one certificate each, with a random database-unique verification code and issue date — collision-free even at a 1,000-certificate batch.
Each certificate renders as a clean PDF — positioned text, double border, centred layout — with no external libraries or services.
Anyone can confirm a certificate at /verify/{code}: recipient, course, issuer, issue date, and validity — with a honeypot, per-IP rate limiting, and a plain not-found on a miss.
Search every issued certificate, revoke or reinstate, and export the register as a formula-injection-hardened CSV.
Checkout isn't open yet. Leave your email and we'll send one note the moment Certora — Bulk Certificate Generator + Verifier (PHP + MySQL, Self-Hosted) can be purchased — nothing else.
2-minute web installer, plain PHP 8 + MySQL (or SQLite for a trial), no Composer or build step — Docker image included.
No, and it doesn't need to be — a verification code is a random, database-unique lookup token. Verification is a lookup against your own register, not a signature check. Nothing is signed or encrypted.
No — codes are random and enforced unique at the database level; batch generation is tested collision-free at 1,000 certificates.
The verify endpoint has a honeypot, per-IP rate limiting, and returns 404 on a miss — and a code exposes nothing beyond what's on the certificate face.
Yes — revoke or reinstate any issued certificate from the register; the public verify page reflects it immediately.
Yes — PHP 8+ with PDO, MySQL/MariaDB or SQLite, a 2-minute web installer, no Composer packages, no API keys.