Enterprise JavaBeans Certificate Authority
EJBCA
|
|
---|---|
Basic data
|
|
developer | PrimeKey et al. a. |
Publishing year | December 5, 2001 |
Current version | 6.3.1.1 (June 2, 2015) |
operating system | J2EE |
programming language | Java |
category | Cryptography |
License | LGPL ( Free Software ) |
German speaking | Yes |
ejbca.org |
The Enterprise JavaBeans Certificate Authority ( EJBCA for short ) is an application for J2EE servers that is a certification authority (CA) for a public key infrastructure (PKI). It is under the GNU Lesser General Public License (LGPL). It can be operated on the application servers WildFly , OC4J (Oracle AS), Weblogic and GlassFish . EJBCA contains a modular API for HSMs . The support is prepared for hardware from nCipher, PrimeCardHSM, SafeNet ProtectServer, SafeNet Luna, Utimaco CryptoServer, AEP Keyper, ARX CoSign and other HSMs with PKCS # 11 interface.
Functions
EJBCA provides the following functions, among others:
- RSA algorithms for keys up to a length of 8192 bits
- Elliptic Curve DSA algorithms
- the hash functions MD5 , SHA-1 and SHA-2
- browser-based administration GUI
- Export of certificates in the formats PKCS # 12, JKS or PEM
- Certificate Revocation Lists (CRLs).
Supported protocols
EJBCA supports the following protocols, among others:
- Simple Certificate Enrollment Protocol (SCEP), currently defined in a draft of the IETF
- Online Certificate Status Protocol (OCSP) with the AIA extension, defined in RFC 2560
- Parts of the Certificate Management Protocol (CMP), defined in RFC 4210
- Synchronous XKMS requirements (version 2)
Supported databases
EJBCA can handle the databases Hypersonic , MySQL , PostgreSQL , Oracle , MS-SQL 2000, Derby , Informix and DB2 .