OpenCA

OpenCA, officially the OpenCA PKI Research Labs and formerly the OpenCA Project, is a PKI collaborative effort to develop a robust, full-featured and open-source out-of-the-box certification authority implementing the most used protocols with full-strength cryptography. OpenCA is based on many open-source projects; among these are OpenLDAP, OpenSSL and Apache projects.

OpenCA
Developer(s)OpenCA Labs
Stable release
v1.5.2[1] / May 10, 2014 (2014-05-10)
Operating systemMulti-platform
TypePKI Software
LicenseGNU General Public License
Websitehttps://www.openca.org/

Project development is divided into 2 main tasks: studying and refining the security scheme that guarantees the best model to be used in a certificate authority, and developing software to easily set up and manage a CA. The last activity on the website is from summer 2018, so the project seems to be dead.

OpenCA PKI

The problem with Public Key Infrastructures (PKIs) is that most applications can be secured with certificates and keys but it is difficult and sometimes expensive to set up PKIs, because flexible trustcenter software is expensive.

OpenCA PKI Features

Today OpenCa supports the following elements: (this is an incomplete list just to give you an impression of how complex the subject matter is):

  • Public interface
  • LDAP interface
  • RA interface
  • CA interface
  • SCEP
  • OCSP
  • IP-filters for interfaces
  • Passphrase based login
  • Certificate based login (including smartcards)
  • Role Based Access Control
  • Flexible Certificate Subjects
  • Flexible Certificate Extensions
  • PIN based revocation
  • Digital signature based revocation
  • CRL issuing
  • Warnings for soon to expire certificates
  • support for nearly every (graphical) browser

OpenCA is designed for a distributed infrastructure. It can, not only handle an offline CA and an online RA, but using it you can build a whole hierarchy with three or more levels. OpenCA is not just a small solution for small and medium research facilities. The goal is to support maximum flexibility for big organizations like universities, grids and global companies.

See also

References
  1. https://github.com/openca/openca-base/blob/master/ChangeLog


This article is issued from Wikipedia. The text is licensed under Creative Commons - Attribution - Sharealike. Additional terms may apply for the media files.