nsLight PKI

nsLight PKI is a PERL script, that uses OpenSSL to provide Public Key Infrastructure operations (Удостоверяющий Центр). Features are:

• Key ceremony workflow for initialization
• Requesting certificate in centralized mode (PKCS#12 generation)
• Certificate view and revocation
• Managing only one CA (as certificate/key-pair)
• CRL generation (at revocation time and once a day by cron job)
• Certificate expiration notification (30 days before expiration)
• UTF-8 support
• Support for RSA/SHA-1/3DES and ГОСТ Р 34.10-2001, ГОСТ 28147-89 and ГОСТ Р 34.11-94
• REST Connector for integration with third party software
• Interactive installer for simple installation

The script is used both as CGI Web-based interface and cron task.
Download and install it by typing "./install.pl" and answer a few questions. Administrator's login is "admin". GOST support requires OpenSSL 1.0+. The software is released under the terms of GPL v3.

As of today, i've forked this development into a more complete one, available there.

Finally, if you need to use GOST algorithm for SSL/HTTPS connection, you can have a look at this HOWTO using stunnel with GOST.