XCA is a graphical user interface to OpenSSL, certificates, RSA/DSA/ECC public keys, signing requests and revocation lists.

XCA supports next to the usual PEM and DER format of certificates the import and export of PKCS#12 (aka *.pfx) files and the Certificate import from PKCS#7 files.

XCA supports keys on SmartCards via the PKCS#11 library interface. Usually the manufacturer of your card provides an appropriate PKCS#11 library.

Issued certificates can be revoked and the revokation list can be created and exported. External revokation lists can be imported and examined.

Supported file types:
· PEM
· DER
· PKCS#7
· PKCS#10
· PKCS#12 (aka *.pfx)

What's New in This Release: [ read full changelog ]

· Close bug [ 3372449 ] All numeric names cannot be used
· add search functionality for PKCS#11 libraries
· fix ASN.1 encoding of PKCS#10 request
· Close bug [ 3318203 ] Build failure with GNU gold linker
· Add x509v3 extensions to the list of selectable columns
· Close bug [ 3314262 ] Incorrect "Path length" template parameter handling
· Close bug [ 3314263 ] Unrevoking a certificate does not make it "Trusted"
· Feature Request [3286442] Make success/import messges optional
· improve Password entry
· Improve SPKAC import
· add french translation by Patrick Monnerat
· Export requests or certificates as openssl config file
· Support building with EC disabled
· Close bug [3091576] Private key export is always PKCS#8 encoded
· Feature Request [3058196] Autoload database
· Feature Request [3058195] Export directly to the clipboard
· Close bug [3062711] Additional OIDs
· Close bug [3062708] Invalid user configuration file path name
· Fix PKCS#11 library handling