EJBCA

The Enterprise Java Beans Certificate Authority ( EJBCA short ) is an application for J2EE server, which is a certification authority ( CA ) for a Public Key Infrastructure (PKI). It is under the GNU Lesser General Public License ( LGPL). You can run on the application servers wildfly, OC4J (Oracle AS), Weblogic and Glassfish. EJBCA has a modular API for HSMs. The support is prepared for nCipher hardware, PrimeCardHSM, SafeNet Protect Server, SafeNet Luna, Utimaco CryptoServer, AEP Keyper, ARX CoSign and other HSMs with PKCS # 11 interface.

Functions

EJBCA provides, among other things, the following functions are available:

  • RSA algorithms for key up to a length of 8192 bits
  • Elliptic Curve DSA algorithms
  • The hash function MD5, SHA-1 and SHA-2
  • Browser- based administration GUI
  • Export certificates in the PKCS # 12, JKS or PEM formats
  • Certificate Revocation Lists (CRLs ).

Supported protocols

EJBCA, supports the following protocols:

  • Simple Certificate Enrollment Protocol ( SCEP ), currently defined in an IETF draft
  • Online Certificate Status Protocol (OCSP ) to the AIA extension, defined in RFC 2560
  • Part of the Certificate Management Protocol (CMP ), defined in RFC 4210
  • Synchronous XKMS requests ( Version 2)

Supported databases

EJBCA can deal with the Hypersonic database, MySQL, PostgreSQL, Oracle, MS- SQL 2000, Derby, Informix and DB2.

301469
de