Table des matières

Infrastructure de Gestion de Clefs

En anglais: Public Key Infrastructure (PKI).

Voir :

Softs

PKIF & Webcullis

The PKI Framework

http://pkif.sourceforge.net

Webcullis, Simple PKI-based access control for the Web. Webcullis is a security plug-in formultiple https servers. It is designed to strengthen the web server’s ability to limit access to files based on certificate policy or name constraints when the server implements X.509 PKI-based authorization schemes

http://pkif.sourceforge.net/webcullis.html

EJBCA

http://www.ejbca.org/

The LGPL (GNU LESSER GENERAL PUBLIC LICENSE) applies to all releases of EJBCA.

OpenCA

https://www.openca.org/

OpenSSL

/informatique/OpenSSL

XCA

http://xca.hohnstaedt.de

une p'tite doc

XCA is a graphical user interface for creating RSA/DSA/ECC keys, certificates, signing requests and revokation lists.

With XCA certificate signing and managing becomes an easy task.

It supports keys on SmartCards via the PKCS#11 library interface. Usually the manufacturer of your card provides an appropriate PKCS#11 library. By default it uses the OpenSC library.

Supported Operating systems:

Time Stamping

OpenTSA

http://www.opentsa.org

The aim of the OpenTSA project is to develop an RFC 3161 compliant, stable, secure, open source and free time stamping authority client and server application. The following deliverables have already been produced:

Tools

Avec le SDK Microsoft

  1. Création du certificat X509, avec makecert.exe. On spécifie d’exporter la clé privée (*.pvk), et surtout il faut marqué le certificat X509 comme exportable, ce qui permet pour l’étape suivante d’inclure la clé privée.
  2. On utilise l'outil pvk2pfx.exe qui inclut la clé privée dans le certificat, pour générer le fichier pfx ou p12 (c’est la même chose maintenant).
D:\projs> makecert.exe -r -pe -n "CN=TOTO-SSO" -b 01/04/2010 -e 01/04/2020 -sky signature -sv TOTO-SSO.Private.pvk TOTO-SSO.cer
Succeeded
D:\projs> pvk2pfx.exe -pvk TOTO-SSO.pvk -spc TOTO-SSO.cer -pfx TOTO-SSO.pfx

Avec le JDK (Java SDK)

Avec l'outil keytool

http://java.sun.com/j2se/1.5.0/docs/tooldocs/windows/keytool.html