EJBCA 3.0 Open Source CA system software Research

EJBCA is a valuable open source system, for the current domestic PKI technology and products have reference significance. When EJB3.0 released, I translated the software introduction, I hope to play to let everyone pay attention to the effect. Interested parties are welcome to further explore this software with me. EJBCA is a fully functional CA system software that is based on Java EE Technology and provides a powerful, high-performance, component-based ca. EJBCA is flexible and platform-independent, can be used independently, and can be integrated with any Java EE application. We encourage and thank you for any kind of contribution.

If you want to contact the EJBCA team or want to provide support, please contact the project Administrator and you can find him on the SourceForge project page.

This software is OSI-certified open source software. OSI authentication is the authentication mark of Open Source initiative.

Characteristics

LGPL Open Source License
Based on the Java EE 1.3 (EJB2.0) specification
Flexible, component-based architecture
Multi-level CA
Multiple CAs and multilevel CAs to create one or more complete infrastructures in a EJBCA instance
Run alone, or integrate it into any Java application
Simple Installation and configuration
A powerful web-based management interface with a high strength identification algorithm
Support for command-line based management and support for scripting features
Support for the production of personal certificate or certificate
Server and client certificates can be exported using PKCS12, JKS, or PEM formats
Support the use of Netscape, Mozilla, IE and other browsers direct certificate application
Support for using open APIs and tools to request certificates through other applications
New users added by Ra can be alerted by email
Passwords can be generated randomly or manually for new user authentication
Supports hardware modules to integrate hardware issuing systems (e.g., smart cards)
Support SCEP
Support for multipolarity management with specific user rights and user groups
Certificates can be configured for different types and content of certificates
Entity configuration for different types of users
Follow X509 and PKIX (RFC3280) standards
CRL Support
Full support for OCSP, including AIA extensions
CRL generation and URL based CRL distribution points follow RFC3280, which can store certificates and CRLs (processed by Application Server) in any SQL database.
Optional multiple publishers to be used to publish certificates and CRLs in LDAP
Supports key recovery modules used to recover private keys for specified users and certificates
component-based architecture for publishing certificates and CRLs to different destinations
component-based architecture for the use of multiple entity authorization methods when issuing certificates
Easy integration into large applications and optimized for integration into business processes

Platform

EJBCA is completely Java-written and can be run on any platform that uses an EE server. Development and testing is done on Linux and Windows2000.