OpenXPKI is an enterprise-grade PKI/Trustcenter software. It implements the necessary features to operate a PKI in professional environments. While primarily designed to run as an online RA/CA for managing X509v3 certificates, its flexibility allow for a wide range of possible use cases with regard to cryptographic key management.
OpenXPKI has a stable, mature code base and a growing user base. The developer team actively supports several professional installations some of which have been running continuously since 2009 and host several logical CAs with hundreds of thousands of active certificates.
Version 3.24 is available as of February 2023. The product is actively maintained, new packages are published several times a year and announced via the mailing lists.
Packages are currently provided for Debian Buster via the projects package mirror, see the quickstart for installation details. A docker container based on the debian packages is also available.
Packages for FreeBSD are maintained by Sergei Vyshenski and available via the FreeBSD ports network.
Enterprise support and professional services, including native packages for Ubuntu, SLES and RHEL, are available from White Rabbit Security GmbH, Germany.
For an overview on OpenXPKI, we recommend to check the features overview page. More detailed information can be found in the slides from the 2018 OpenXPKI Workshop held in Munich and from the 2015 Workshop in Frankfurt
Also check out our demo installation.We are currently working on a relaunch of the OpenXPKI Website with a more modern look and feel, better structure and more information on the project. Stay tuned...