Software:X Certificate and Key management

From HandWiki
X Certificate and Key Management
XCA 2.4.0 Example Screenshot.png
XCA 2.4.0 on Windows 10
Developer(s)Christian Hohnstädt (github/chris2511) [1]
Initial releaseJuly 3, 2002; 22 years ago (2002-07-03)
Stable release
2.4.0 / May 7, 2021; 3 years ago (2021-05-07)
Written inC++
Operating system
Platformx86-64
TypePublic Key Infrastructure
Websitehohnstaedt.de/xca/


X Certificate and Key management (XCA) is a free and open-source multi-platform GUI application intended for creating and/or managing X.509 certificates, certificate signing requests, private/public keys (RSA, DSA, and EC), smart cards (via PKCS #11), and certificate revocation lists (CRLs).[2][3]

Functionality

XCA has the following major features:[4]

  • Generate and manage asymmetric private/public keys (RSA, DSA, and EC)
  • Generate and manage X.509 certificates (including root and intermediate CA certificates) hierarchically
  • Generate and process X.509 certificate signing requests (CSRs)
  • Revoke previously issued certificates and generate certificate revocation lists (CRLs)
  • Read, write, and delete certificates and keys from/to hardware tokens (e.g. smart cards or HSMs) using a PKCS #11 dynamically linked library provided by a third party.
  • Sets of certificate hierarchies and keys are stored as a workspace in a database. Keys in the database are protected with password-based encryption.
  • Can be controlled entirely via a graphical user interface that is generally considered easier to use than equivalent functionality provided by command-line applications such as OpenSSL.[5]
  • Some operations are accessible over a command-line interface

Implementation

XCA is written mostly in C++. It relies on OpenSSL to handle cryptographic operations and data structures, and its user interface is implemented using the Qt framework.[6]

Usage

XCA has been endorsed (among others) by SUSE Linux,[3] Synopsys,[5] and Barracuda Networks.[7]

References

External links