OPENSOURCE SECURITY AND IDENTITY MANAGEMENT SOLUTIONS
Get the new Version!
The OpenCA PKI Research Labs, born from the former OpenCA Project, is an open organization aimed to provide a framework for PKI studying and development of related projects. As the PKIs standards, interests and projects are growing fast, it has been decided to split the original project into smaller ones to speed up and reorganize efforts. Some projects have already started and received (whenever possible) funds, while others are finding their way to the final decisional stage.
We strongly encourage everyone to contribute to our initiatives and projects. We welcome contributions in many forms. Our members are those individuals who have demonstrated a commitment to collaborative open-source software development through sustained participation and contributions within the Foundation's projects.
LibPKI v0.6.7 (Papocchio)
by #madwolf @ 17.02.2012
The new version (v0.6.7/Papocchio) of LibPKI is available. Major changes over v0.6.5 are: fixed OCSP response initialization, added support for DNS url for retrieving DNS records via the simple URL_* interface, added initial support for Lightweight Internet Revocation Tokens (LIRTs) Download the new version for your system in the LibPKI download pages.
LibPKI v0.6.5 (Hope)
by #madwolf @ 15.02.2011
The new version (v0.6.5/Hope) of LibPKI is available. Major changes over v0.6.4 are: fixed a key-encoding error in OpenSSL, added new pki-siginfo tool to ease signature info gathering for X509 objs, added PKI_X509_KEYPAIR_get_curve() to get curve related to an EC key, added possibility to load any type of X509 objects by using PKI_X509_get() with PKI_DATATYPE_ANY as a type, fixed an error when setting the signature algorithm in PKI_X509_CERT_new(), enhanced support for ECDSA key management. Download the new version for your system in the LibPKI download pages.
LibPKI v0.6.4 (Broadway)
by #madwolf @ 15.02.2011
The new version (v0.6.4/Broadway) of LibPKI is available. Major changes over v0.6.3 are: fixed HTTP code (memory allocation error), enhanced command-line tool for CRL manipulation (pki-crl). Download the new version for your system in the LibPKI download pages.
OCSPD v2.1.0 (Ellie)
by madwolf @ 11.02.2011
A new version of the OCSPD responder is available for download. Major improvements over the last publicly available version are: Updated default configuration files (default passin set to none), enhanced support for ECDSA support, updated thread management with builtin support from LibPKI 0.6.3, fixed start/stop script, fixed a memory error in config.c causing segfault on CRL reload, deleted extra two bytes sent out after the DER encoding of the response is written (that was causing Firefox/Thunderbird not to validate the answer), fixed an error in return code check for PKI_NET_listen, fixed error in config parsing when no bind address was provided.
LibPKI v0.6.3 (Viper)
by #madwolf @ 10.02.2011
The new version (Viper/v0.6.3) of LibPKI is available. Major changes over v0.6.1 are: extended support for ECDSA (via profile/keyParams in profile configuration files), fixed linker issues on Solaris, added pki-cert command line tool, fixed ocsp library code. Download the new version for your system in the LibPKI download pages.
DemoCA Online Again
by madwolf @ 12.12.2010
The demo online CA is back online due to great demand from people interested in the OpenCA PKI software. We will try to keep it online as much as possible, please be warned, though, that it is just a DEMO service and no liability is implied.
Current version of the Online CA is v1.1.1.
OCSPD Firefox Fix
by madwolf @ 19.11.2010
Due to a bug in Firefox (memory management), you need to have the OCSPD to be compiled against the LibPKI v0.6.1+. Please download the source code and re-compile the daemon once you updated the crypto library.
by madwolf @ 17.11.2010
A new version of the OCSPD responder is available for download. Major improvements over the last publicly available version (mostly coming from supporting for LibPKI v0.6.0) are: extensive support for hardware devices (PKCS#11 and OpenSSL Engine), multiple keypair and certificate support for response signatures, POST and GET support, IPv6 support.
LibPKI v0.6.0 (Turkey)
by #madwolf @ 17.11.2010
The new version (Turkey/v0.6.0) of LibPKI is available. Major changes over v0.5.1 are: support for IPv6 in network calls, fixes for URL parsing and PKI_SSL_* interface enhancements. Get the new version for your system in the LibPKI download pages.
LibPKI v0.5.1 (Zoiberg)
by #madwolf @ 02.09.2010
The new version (Zoiberg/v0.5.1) of LibPKI is available. Major changes over v0.5.0 are: better support for OS independent Thread Management together with thread synchronization primitives (mutexes, condition variables, and r/w locks, LDAP interface fixes. Get the new version for your system in the LibPKI download pages.
Yum repositories for OpenCA projects have been created. If your system supports Yum (and RPMs) you can use the provided links to install the repository configuration on your system.
The new version (lulu/v0.5.0) of LibPKI is available for download. Many changes to the library and bug fixing over the old version. In particular: added support for different OSes (initial support for Win port), added PKI_SSL and support for easy SSL/TLS management, added support for Win LDAP API, added support for 64bit architectures, added safe URL encoding for HTTP GET protocol, added platform-independed thread management.
New Website Layout
26.08.2010 #madwolfThe OpenCA Website has undergone a complete makeover to address incompatibities with some web browsers (IE) and to provide a cleaner interface for users. Please let us know if you like it here.
06.01.2010 #madwolfThe problems with the OpenCA's servers have been fixed. Please let us know if you still experience any major inconvenience when using OpenCA services.