OpenXPKI is an enterprise-grade PKI/Trustcenter software. It implements the necessary features to operate a PKI in professional environments. While primarily designed to run as an online RA/CA for managing X509v3 certificates, its flexibility allow for a wide range of possible use cases with regard to cryptographic key management.
OpenXPKI has a stable, mature code base and a growing user base. The developer team actively supports several professional installations some of which have been running continuously since 2009 and host several logical CAs with hundreds of thousands of active certificates.
We were happy to announce our first OpenXPKI User Group Meeting accompanied by a technical workshop, but due to Covid19 we had to cancel the original date :( - as soon as the situation allows, we will announce a new date and venue. You can see the planned schedule in this post.
Version 3.4 is available as of April 2020. The product is actively maintained, new packages are published several times a year and announced via the mailing lists.
Packages are currently provided for Debian Buster via the projects package mirror, see the quickstart for installation details. A docker container based on the debian packages is also available.
Packages for FreeBSD are maintained by Sergei Vyshenski and available via the FreeBSD ports network.
Enterprise support and professional services, including native packages for Ubuntu, SLES and RHEL, are available from White Rabbit Security GmbH, Germany.
For an overview on OpenXPKI, we recommend to check the features overview page. More detailed information can be found in the slides from the 2018 OpenXPKI Workshop held in Munich and from the 2015 Workshop in FrankfurtAlso check out our demo installation.