The OpenXPKI Project

The OpenXPKI project has the vision to publish a software stack that provides all necessary components to manage keys and certificates primarily based on the X509v3 cryptography standard.

OpenXPKI Workshop - Reserve your seat now!

We are happy to announce our next OpenXPKI workshop happening on May 15th in Munich, accompanied with the release party of OpenXPKI 2.0! The workshop is free of charge but as we have limited capacity please reserve your seat soon! See this blog post for detailed information.

Project Status

Celebrating the 10th anniversary of the project, version 1.0 of our trustcenter software was officially released on October 20th, 2015.

Packages for Debian Jessie are available on the package mirror, see the quickstart for installation details. The product is actively maintained, new packages are published several times a year and announced via the mailing lists.

For a quick overview on the project, we recommend to check the slides from the release workshop or use our demo installation.

Core Features

  • WebUI compatible with all major browsers
  • Ready-to-run example config included
  • Support for SCEP (Simple Certificate Enrollment Protocol)
  • Easy adjustment of workflows to personal needs
  • Run multiple separate CAs with a single installation, automated rollover of CA generations
  • Can use Hardware Security Modules (e. g. Thales HSMs) for crypto operations
  • Issue certificates with public trusted CAs (e. g. SwissSign, Comodo, VeriSign)
  • Based on OpenSSL and Perl, runs on most *nix platforms
  • 100% Open Source, commercial support available
  • check out the roadmap for planned features



Community support is availble via the OpenXPKI users mailinglist, commercial support is also available.