CA management made easy using GUIs¶
This list only includes free software as defined by the GNU foundation.
Please contribute a small description if you think your favorite tool should be included in the list.
GnoMint for Gnome desktop¶
- Creating all the infrastructure to keep and run a Certification Authority, saved in only one file.
- Create Certification Signing Requests, allowing to export them to PKCS#8 files, so they can be send to other CAs.
- Create X.509 certificates, with a usual set of subject-parameters.
- Export certificates and private keys to PEM files, so they can be used by external applications.
- For each CA, establish a set of policies for certificate generation.
- Import CSRs made by other applications
- Export PKCS#12 structures, so the certificates can be imported easily by web and mail clients.
- Revoke certificates, and generate the corresponding CRLs
- Allow the possibility of keeping the CA private key, or other private keys, in external files or devices (as USB drives)
- Allow the management of a whole hierarchy of CAs, with their respectives certificates.
- Import pre-existing Certification Authorities, with all their data.
- Allow an easy CA operation from command-line tools, for batch certificate creation, or integration with other utilities.\\
TinyCA for Gnome Desktop¶
- Unlimited CAs possible
- Support for creating and managing SubCAs
- Creation and Revocation of x509 - S/MIME certificates
- PKCS#10 Requests can be imported and signed
- RSA and DSA keys can be generated and used
- ServerCertificates
- Certificates can be exported as: PEM, DER, TXT and PKCS#12
- Certificates may be used with e.g. Apache, Postfix, OpenLDAP, Cyrus, FreeS/WAN, OpenVPN, OpenSWAN, FreeRadius
- ClientCertificates
- Certificates can be exported as: PEM, DER, TXT and PKCS#12
- Certificates may be used with e.g. Netscape, Konqueror, Opera, Internet Explorer, Outlook (Express) and FreeS/WAN
- Certificate Revocation List
- CRLs can be exported as: PEM, DER and TXT
Xca for GNU/Linux, Mac OS X, Windows¶
Graphical certification authority is an interface for managing asymetric keys like RSA or DSA. It is intended as a small CA for creation and signing certificates. It uses the OpenSSL library for the cryptographic operations.