XCA is an interface for managing RSA and DSA keys, certificates, certificate signing requests, revocation lists and templates. It uses the OpenSSL and Qt4 libraries. Certificates and requests can be created and signed and many x509v3 extensions can be added. XCA supports multiple root and intermediate Certificate authorities. The CAs can be used to create CRLs and extend certificates. The following file-formats are supported: PEM, DER, PKCS#7, PKCS#8, PKCS#10, PKCS#12, and SPKAC.
nsLight PKI is a CGI script that uses OpenSSL to provide Public Key Infrastructure operations. Its features include key ceremony workflow for initialization, requesting of certificates in centralized mode (PKCS#12 generation), certificate view and revocation,CRL generation (at revocation time and once a day by cron job), certificate expiration notifications, and UTF-8 support. It has built-in support for RSA/SHA-1/3DES and GOST R 34.10-2001, GOST 28147-89, and GOST R 34.11-94, the cryptographic provider being OpenSSL 1.0. The script is used both as Web-based interface and cron task.
ecca-proxy is a Web proxy server that transparently handles Eccentric Authentication key and certificate management. Eccentric Authentication is a protocol designed to make using client certificates easy, secure, and private. The proxy handles the difficult cryptographic details and provides an easy to use interface to the user.