The OpenXPKI Project
The OpenXPKI project has the vision to publish a software stack
that provides all necessary components to manage keys and certificates
primarily based on the X509v3 cryptography standard.
Project Status
We released the first stable version on the 10th anniversary of the
project on October 20th. Packages for Debian Jessie are available on the
package mirror, see the
quickstart for installation details.
For a quick overview on the project, we recommend to check the
slides from the release workshop
or use our demo installation.
Core Features
- WebUI compatible with all major browsers
- Ready-to-run example config included
- Support for SCEP (Simple Certificate Enrollment Protocol)
- Easy adjustment of workflows to personal needs
- Run multiple separate CAs with a single installation, automated rollover of CA generations
- Can use Hardware Security Modules (e. g. Thales HSMs) for crypto operations
- Issue certificates with public trusted CAs (e. g. SwissSign, Comodo, VeriSign)
- Based on OpenSSL and Perl, runs on most *nix platforms
- 100% Open Source, commercial support available
- check out the roadmap for planned features
Resources