OpenXPKI

The OpenXPKI project stewards an open-source Public Key Infrastructure (PKI) software.

History
The OpenXPKI project commenced c. 2005 and began to produce usable software from c.  2010 but choose to take a precautionary approach with the first production level release in 2015. The approach taken was to create a modular system with most modules capable of being re-utilised in other systems - a Workflow engine centered approach.

The software has been mostly written in Perl and designed to run on Unix-like operating systems such as FreeBSD and Linux. Database backends have been created for MySQL, PostgreSQL, the Oracle Database and IBM Db2.

Technical
After installation the software on the node is configured to act as a Certificate Authority (CA), Registration Authority (RA) or End-Entity Enrolement (EE) node.

One client implementation is a web frontend that allows end-users to access the OpenXPKI system using a web browser, and a command line interface also available for system administrators. OpenXKPI also has a SCEP interface available.

Reception
OpenXPKI has been used successfully in scenarios from performance testing up to enterprise level environments. Shortcomings are that it requires additional components to complete a certificate based authentication, including software for efficient certificate distribution.