EJBCA and SignServer demonstration kit

This live CD can also be freely downloaded from EJCBA home.

This demonstration pack offers a complete solution to test EJCBA and SignServer:

• Hardware: PKI smartcards, smartcard readers and PKI token. Our hardware does not require any proprietary driver and is compatible with legacy Free Software solutions.
• Software: EJCBA+LiveServer live DVD configured for testing your specific configuration using either virtualization or simple booting the CD.

What is EJBCA?

EJBCA is an advanced enterprise class open source PKI-implementation (it's a CA!) written in a Java/J2EE environment. The focus for the EJBCA project is to create a flexible, platform independent and scalable CA/RA solution, fulfilling various requirements a large enterprise could have, concerning not only security aspects but also connectivity, administrative delegation and event logging.

Simply customize your demonstration pack to suit your needs. You should use at least :

• A smartcard reader and a PKI smartcard.
• or a PKI token.
• or a combination of smartcard readers, PKI smartcards and PKI token.

What is SignServer?

SignServer is an application framework performing cryptographic operations for other applications. It's intended to be used in environments where keys are supposed to be protected in hardware but there isn't possible to connect such hardware to existing enterprise applications or where the operations are considered extra sensitive so the hardware have to protected more carefully. Another usage is to provide a simplified method to provide signatures in different application managed from one location in the company.

SignServer has ready to use:

• TimeStamp Authority (RFC 3161 compliant).
• Signers for different documents: PDF, XML, ODF, OOXML, MRTD (ePassport).
• General purpose signers: CMS.
• Validators for documents: XML.
• Certificate Validation Service Framework for validating certificates using CRLs or OCSP.
• Group Key Service Framework.
• Simple Mail Signer.

SignServer has been designed for high-availability and can be clustered for maximum reliability.

Different kinds of sign tokens exist:

• Soft token using PKCS12 files.
• PKCS#11 HSM tokens, such as the Utimaco CryptoServer, SafeNet ProtectServer, nCipher nShield or AEP KeyPer.
• PrimeCardHSM using smart cards.

Buying hardware at Gooze.eu

Please note that you are not limited to that number of hardware. You may buy additional hardware on Gooze and combine it with this order. The price is exactly the same.