XCA description
This application allows you to create and manage X.509 certificates, certificate requests, RSA and DSA private keys and CRLs

XCA will allow you to create and manage X.509 certificates, certificate requests, RSA and DSA private keys and CRLs.

Everything that is needed for a CA is implemented. All CAs can sign sub-CAs recursively. These certificate chains are shown clearly.

For an easy company-wide use there are customiseable templates that can be used for certificate or request generation. All crypto data is stored in a local and portable file format.

Xca supports next to the usual PEM and DER format of certificates the import and export of PKCS#12 (aka *.pfx) files and the Certificate import from PKCS#7 files.

Certificates can be created by self signing it, by signing it by an other (usually CA) certificate or by signing a PKCS#10 request. Netscape SPKAC is supported since version 0.4.6.

The validity dates and x509.v3 extensions can be adjusted to fit ones needs. The use of multiple certificates in CA chains is supported and a tree view of the certificates reflects the dependencies.

The application takes care to not create duplicate certificates by checking the serial number(s) on import and creation of certificates.

Certificate Templates can be used to preset the input dialog with reasonable values and to simplify the process of creating certificates and requests.

Issued certificates can be revoked and the revokation list can be created and exported. External revokation lists can be imported and examined.