Your enterprise recently decided to start using digital certificates for authentication, digital signatures, server authentication, etc. In other words, you need a Certificate Authority (CA) in order to deliver certificates for your servers and users.
Of course, you can choose to buy certificates from known vendors like VeriSign, Thawte, etc., but you will need to pay for every certificate a user or a server needs! A better approach would be hosting your own in-house Certificate Authority; this way you can issue as many certificates as you need.
Now that you have decided to host your own CA and have your own Public Key Infrastructure (PKI), you need to be able to manage the certificates: delivering, revoking, etc. For that, you can either reinvent the wheel and create your own web application for this purpose using OpenSSL plus batch scripts, or you can use an open source Certificate Authority management solution like EJBCA.
EJBCA is an enterprise class PKI Certificate Authority built on J2EE technology. It is a robust, high performance, platform independent, flexible, and component based CA to be used stand-alone or integrated in other J2EE applications.
The next article will be a step-by-step guide on how to set up EJBCA.
Thanks for providing this useful detail. It helped me in a great way. I will follow your next article too to learn about how to set up this public key authority.