EJBCA 3.3.2 review
DownloadEJBCA is a fully functional Certificate Authority in Java using J2EE technology
|
|
EJBCA is a fully functional Certificate Authority in Java using J2EE technology. EJBCA builds on the J2EE platform to create a robust, high performance, platform independent, flexible, and component-based CA to be used standalone or integrated in any J2EE app. EJBCA comes with a flexible and powerful Web-based admin GUI.
Here are some key features of "EJBCA":
Flexible, component based architecture.
Multiple levels of CAs.
Multiple CAs and levels of CAs, build a complete infrastructure (or several) within one instance of EJBCA.
Supports SHA-1 or SHA-256 as hash algorithm and RSA as public key algorithm for digtal signatures.
Standalone or integrated in any J2EE application.
Simple installation and configuration.
Powerful Web based administration GUI using strong authentication.
Command line administration for scripts etc.
Modular API for HSMs. Support for nCipher HSM sponsored by Linagora.
Individual enrollment or batch production of certificates.
Server and client certificates can be exported as PKCS12, JKS or PEM.
Browser enrollment with Netscape, Mozilla, IE, etc.
Enrollment for other applications through open APIs and tools.
E-mail notification to new users added by RA.
Random or manual password for initial user authentication.
Hard token module for integrating with hard token issuing system (smart cards).
Supports the Simple Certificate Enrollment Protocol (SCEP).
Multiple levels of administrators with specified privileges and user groups. Configurable certificate profiles for different types and contents of certificates.
Configurable entity profiles for different types of users.
Follows X509 and PKIX (RFC3280) standards where applicable.
Revocation and Certificate Revocation Lists (CRLs).
Fully supports the Online Certificate Status Protocol (OCSP), including AIA-extension.
CRL creation and URL-based CRLDistribution Points according to RFC3280. Stores Certificates and CRLs in any SQL database (handled by application server).
Optional multiple publishers for publishing certificates and CRLs in LDAP.
Key recovery module to store private keys for recovery for selected users and certificates.
Component based architecture for publishing certificates and CRLs to different sources.
Component based architecture for various authorization methods of entities when issuing certificates.
Easy to integrate into large applications for optimal integration into bussiness process.
Requirements:
Apache Ant 1.6.2
JBoss 3.2.5
What's New in This Release:
This release works again on Weblogic and Oracle.
A new hart token profile was added.
Minor other fixes were done.
EJBCA 3.3.2 search tags