Software:X Certificate and Key management
From HandWiki
 XCA 2.4.0 on Windows 10 | |
| Developer(s) | Christian Hohnstädt (github/chris2511) [1] |
|---|---|
| Initial release | July 3, 2002 |
| Stable release | 2.4.0
/ May 7, 2021 |
| Written in | C++ |
| Operating system | |
| Platform | x86-64 |
| Type | Public Key Infrastructure |
| Website | hohnstaedt |
X Certificate and Key management (XCA) is a free and open-source multi-platform GUI application intended for creating and/or managing X.509 certificates, certificate signing requests, private/public keys (RSA, DSA, and EC), smart cards (via PKCS #11), and certificate revocation lists (CRLs).[2][3]
Functionality
XCA has the following major features:[4]
- Generate and manage asymmetric private/public keys (RSA, DSA, and EC)
- Generate and manage X.509 certificates (including root and intermediate CA certificates) hierarchically
- Generate and process X.509 certificate signing requests (CSRs)
- Revoke previously issued certificates and generate certificate revocation lists (CRLs)
- Read, write, and delete certificates and keys from/to hardware tokens (e.g. smart cards or HSMs) using a PKCS #11 dynamically linked library provided by a third party.
- Sets of certificate hierarchies and keys are stored as a workspace in a database. Keys in the database are protected with password-based encryption.
- Can be controlled entirely via a graphical user interface that is generally considered easier to use than equivalent functionality provided by command-line applications such as OpenSSL.[5]
- Some operations are accessible over a command-line interface
Implementation
XCA is written mostly in C++. It relies on OpenSSL to handle cryptographic operations and data structures, and its user interface is implemented using the Qt framework.[6]
Usage
XCA has been endorsed (among others) by SUSE Linux,[3] Synopsys,[5] and Barracuda Networks.[7]
References
- ↑ "chris2511 (Christian Hohnstädt)". https://github.com/chris2511.
- ↑ "X Certificate and Key Management". Official website. https://hohnstaedt.de/xca/.
- ↑ 3.0 3.1 "Managing a PKI with XCA, X certificate and key manager". SUSE Linux. https://documentation.suse.com/sled/15-SP4/html/SLED-all/cha-security-xca.html.
- ↑ "Manual". Official website. https://hohnstaedt.de/xca/index.php/documentation/manual.
- ↑ 5.0 5.1 "Stop Paying For SSL Certificates You Don’t Need". Synopsys. https://www.synopsys.com/blogs/software-security/stop-paying-for-ssl-certificates/.
- ↑ "chris2511/xca: X Certificate and Key management". GitHub. https://github.com/chris2511/xca.
- ↑ "How to Create Certificates with XCA". Barracuda Networks. https://campus.barracuda.com/product/campus/doc/28475773/how-to-create-certificates-with-xca/.
External links
| Email clients | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Secure communication |
| ||||||||||||||
| Disk encryption (Comparison) | |||||||||||||||
| Anonymity | |||||||||||||||
| File systems (List) | |||||||||||||||
| Service providers | |||||||||||||||
| Educational | |||||||||||||||
| Related topics | |||||||||||||||
 |  |
