EJBCA

From Wikipedia, the free encyclopedia
Jump to: navigation, search
EJBCA
Developer(s) PrimeKey Solutions AB
Initial release December 5, 2001 (2001-12-05)
Stable release 6.4.2 / December 29, 2015 (2015-12-29)
Written in Java on Java EE
Operating system Cross-platform
Available in Bosnian, Chinese, Czech, English, French, German, Japanese, Portuguese, Swedish, Ukrainian
Type PKI Software
License LGPL v2.1
Website www.ejbca.org

Enterprise Java Beans Certificate Authority, or EJBCA, is a free software public key infrastructure (PKI) certificate authority software package maintained and sponsored by the Swedish for-profit company PrimeKey Solutions AB, which holds the copyright to most of the codebase. The project's source code is available under terms of the Lesser GNU General Public License.

Design[edit]

The system is implemented in Java EE and designed to be platform independent and fully clusterable,[1] to permit a greater degree of scalability than is typical of similar software packages. Multiple instances of EJBCA are run simultaneously, sharing a database containing the current certificate authorities (CAs). This permits each instance of the software to access any CA. The software also supports the use of a Hardware Security Module (HSM), which provides additional security. Larger-scale installations would use multiple instances of EJBCA running on a cluster, a fully distributed database on a separate cluster and a third cluster with HSMs keeping the different CA keys.

EJBCA supports many common PKI Architectures such as all in a single server, distributed RAs and external validation authority. An example architecture is illustrated below.

Example PKI architecture with external validation authority


References[edit]

Further reading[edit]

External links[edit]