OpenSource Software

nsLight PKI

nsLight PKI is a PERL script, that uses OpenSSL to provide Public Key Infrastructure operations (Удостоверяющий Центр). Features are:
  • Key ceremony workflow for initialization
  • Requesting certificate in centralized mode (PKCS#12 generation)
  • Certificate view and revocation
  • Managing only one CA (as certificate/key-pair)
  • CRL generation (at revocation time and once a day by cron job)
  • Certificate expiration notification (30 days before expiration)
  • UTF-8 support
  • Support for RSA/SHA-1/3DES and ГОСТ Р 34.10-2001, ГОСТ 28147-89 and ГОСТ Р 34.11-94
  • REST Connector for integration with third party software
  • Interactive installer for simple installation
The script is used both as CGI Web-based interface and cron task.
Download and install it by typing "./" and answer a few questions. Administrator's login is "admin". GOST support requires OpenSSL 1.0+. The software is released under the terms of GPL v3.

As of today, i've forked this development into a more complete one, available there.

Finally, if you need to use GOST algorithm for SSL/HTTPS connection, you can have a look at this HOWTO using stunnel with GOST.