EJBCA - The J2EE Certificate Authority
Search ejbca.org for:

Complimentary software

Complimentary software

To build a succesfull PKI you can benefit from a lot of tools available. Here are listed some tools and packages that can be used together with PKI to even further improve your PKI experience.

Signserver

Signserver

The SignServer is an application for automatic signatures called by other systems not able to connect to crytographic hardware. It is a framework that can be customized to specific needs using simple plug-in modules. The SignServer have a ready to use TimeStamp Authority (RFC 3161 compliant) and a MRTD Signer. Another usage is to provide a simplified method to provide signatures in different application managed from one location in the company.
The SignServer have been designed for high-availability and can be clustered for maximum reliability.

Hard Token Management Framework

Hard Token Management Framework

The hard token management framework is a framework for creating applications to manage to complete life cycle of issuing hard tokens (smart cards, USB PKI dongles, etc) to end users.
The framework is an API that you build a GUI on top of.

CSRTool

CSRTool website
or
CSRTool at sourceforge

A graphical tool for generating RSA and ECDSA cryptographic key-pairs, creating Certificate Signing Requests (CSRs) from them, and combining the key-pair with an issued digital certificate to create a secure portable container (PKCS12, JKS, JCEKS, etc.)

Some features:

  • Generates RSA public and private key-pairs in sizes ranging from 1024 to 8192 bits.
  • Generates Elliptic Curve DSA public and private key-pairs using either the ANSI X9.62 named curves, or custom parameters for your own curve if so inclined.
  • Saves the private-key in a PKCS8 file with Password-Based-Encryption using the SHA1withTripleDES algorithm.
  • Generates a PEM-encoded CSR that can be submitted to a CA either through a web-form or e-mail.
  • Generates keyUsage and/or the subjectAltName extensions (optionally) in the RSA-based CSR.
  • Combines the private-key from the previously-stored PKCS8 file and the newly returned digital certificate, into a PKCS12 file that can be used for importation into desired applications.

Bouncycastle

Bouncycastle website

Using Bouncycastle you can create your own tools and applications, or PKI enable your existing java applications.

Bouncycastle also have a section with complimentary packages (under resources) that you should look at.

Copyright © 2002-2008 EJBCA team. All rights reserved.