Projects

ejbca

EJBCA is a fully functional Certificate Authority. Based on J2EE technology it constitutes a robust, high performance and component based CA. Both flexible and platform independent, EJBCA can be used standalone or integrated in any J2EE application. EJBCA is an enterprise class PKI, meaning that ... [More] you can use EJBCA to build a complete PKI infrastructure for your organisation. If you only want to issue a few single certificates for testing, there are probably options that will get you started quicker, but if you want a serious PKI we recommend EJBCA. [Less]

QiPki

QiPki is an effort to create Java developper tools to build cryptography into applications and heading towards building a suite of packaged cryptography services. Development tries to follow principles learned from DDD, DCI, ReST and more using the Qi4j engine and framework.

SignServer

The SignServer is an application for server side signatures called by other systems. It is flexible and can be customized to specific needs. The SignServer have a ready to use TimeStamp server and signers for PDF, XML, ODF, OOXML and MRTD (ePassport DS).

Xca

This application is intended for creating and managing X.509 certificates, certificate requests, RSA, DSA and EC private keys and CRLs. Everything that is needed for a CA is implemented. All CAs can sign sub-CAs recursively. These certificate chains are shown clearly. For an easy company-wide use ... [More] there are customiseable templates that can be used for certificate or request generation. All crypto data is stored in a and endian-agnostic file format portable across operating systems. [Less]

DirMngr

DirMngr is a server for managing and downloading certificate revocation lists (CRLs) for X.509 certificates and for downloading the certificates themselves. Dirmngr also handles OCSP requests as an alternative to CRLs. Dirmngr is either invoked internaly by gpgsm (from gnupg 1.9) or when running as a system daemon through the dirmngr-client tool.

OpenXPKI

The OpenXPKI Project aims at creating an enterprise-grade PKI/Trustcenter software supporting well established infrastructure components like RDBMS and Hardware Security Modules. Flexibility and modularity are the project's key design objectives. Unlike many other OpenSource PKI projects ... [More] OpenXPKI offers powerful features necessary for professional environments that are usually only found in commercial grade PKI products. [Less]

gnoMint

A graphical interface for managing a X.509 certification authority. It allows an easy administration of an Certification Authority out-of-the-shelf.

jSCEP

jSCEP is an open-source Java implementation of the Simple Certificate Enrollment Protocol (SCEP). It is fully compliant with the most recent SCEP Internet-Draft (draft-nourse-scep-20) and is capable of supporting both client- and server-side operations.

XAdES.PHP

This tool can create XAdES (XML) signatures based upon ETSI TS 101 903 v1.3.2 standard. It also includes handling of ITU-T X.509 certificates and RFC 3161 timestamps.

OpenOCES

OpenOCES is a project dedicated to the development of free software components for the Danish OCES PKI. Since OCES is based on the X.509 standard, some of the OpenOCES subprojects, such as OpenSign, can be used in any X.509 based PKI. Read more about the OpenOCES project and OCES in general here. ... [More] Currently, OpenOCES hosts 3 projects: * OpenSign - an applet for signing text and logon * OpenOCES API - a convenience API for handling OCES certificates and signatures generated by OpenSign * OpenCert - a standalone application for issuance of OCES certificates [Less]