www.antiaction.com / java / keymanager | email: keymanager[dot]java[at]antiaction[dot]com |
Summary:
KeyManager was written to experiment with PKI, X.509 certificates, key signing and SSL authentication.
About:
For some time now I've wanted to experiment with key signing and Certificate Authorities.
I tried openssl but it seriously creeps me out to have to remember all those commandline
options from time to time not to mention the documentation. Sun's Keytool work fine but is
not usable for all my needs.
I tried looking for existing tools that would suit my needs, but they were either
incomplete, bloated or would not run on my setup.
Some uses for this utility could be to enable for key-based user authentication in HTTP/POP3/IMAP/SMTP/FTP.
Features:
- Generate keypair and self-signed certificate chain (CA).
- Store keypair and X.509 certificate chain into a keystore.
- Export X.509 PEM encoded trust cacert (.cer).
- Generate keypair and self-signed certificate chain (User).
- KeyUsage checkboxes.
- Save user Cert Sign Request(CSR).
- Sign a certificate.
- Import PKCS#10 certificate sign request (.csr).
- Export X.509 PEM encoded certificate reply (.cer).
- User Interface
- JDesktop with JInternalFrames (see screenshot).
- New Keystore.
- Open Keystore. (see screenshot)
- Generate User KeyPair/Cert. (see screenshot)
- Generate CA KeyPair/Cert. (see screenshot)
- Quit.
- Organize Favorites. (pending)
- Open Favorite.
- About Dialog.
- Generation of CA KeyPair and Cerficate (see screenshot).
- Export X.509 file chooser.
- Save KeyPair/CertChain in new/existing Keystore (see screenshots).
- Generation of user KeyPair and Cerficate (see screenshot).
- Save user Cert Sign Request(CSR) file chooser.
- Open Keystore (see screenshot).
- Display Keystore using dynamic JTree (see screenshot).
- Displays Cert(Chain)Info in TextArea next to Tree.
- Toolbar menu.
- New.
- Open...
- Add to Favorites. (pending)
- Save.
- Save As...
- Close.
- Context menu.
- Import X.509 Certificate. (see screenshot)
- Import KeyPair/CertChain. (see screenshot)
- Generate User KeyPair/Cert. (see screenshot)
- Generate CA KeyPair/Cert. (see screenshot)
- Export X.509 Certificate.
- Export X.509 Certificate(chain).
- Export Public Key.
- Export certificate sign request (CSR).
- Import CSR reply.
- Append Cert(chain).
- Sign CSR (see screenshot).
- Export Private Key.
- Change alias.
- Change key password.
- Clone.
- Delete.
Downloads:
N/A
Requirements:
Pending:
- Favorites/Drag and Drop.
- Help
History:
20070203: First certificate also displayed in keystore subtree, individual certificates in chain displayable.
20070106: Enter key to also show certinfo in keystore gui, alias showed in certinfo.
20061219: v1/v3 disable/enable keyusage checkboxes.
20061217: Added X.509 v1 support to CA/User Certificate creation dialogs.
20061216: Added X.509 v1 support to CA/User Certificate creation.
20060802: No classloader needed so why bother.
20060724: Also seems my JNLP package is finally working.
20060724: CertInfo expanded with Version and Certificate constraints path length.
20060723: Implemented: CertInfo displayed in Keystore frame alongside Tree.
20060722: Implemented: Append Cert(chain) to Key CertChain.
20060708: Added some more screenshot.
20060707: Implemented: Keystore generate CA/Cert.
20060627: Implemented: Import Keypair/Cert(Chain).
20060625: Implemented: Import X.509 Certificate.
20060619: Implemented: Change Alias (JDialog), Clone Key/Cert (JDialog) and Export X.509 Certificate Chain.
20060614: Load and display in menu of favorites.
20060613: JDialog implemented for Keystore Open/New.
20060611: Main desktop implemented.
20060610: Change key password implemented.
20060609: Change alias implemented, minor text fixes.
20060607: JTree can now be dynamicly updated. Delete key/cert implemented.
20060607: Import CSR reply + certificatechain validation/truncation.
20060605: Somewhat implemented keystore new/open/save/saveas/close.
20060605: Implemented import CSR reply + certificatechain verification/cleanup.
20060601: Sign CSR GUI, GenCert NotValidBefore/After and KeyUsage mask use.
20060531: Finished implemented contextmenu for exporting x.509 certificate, csr, pub/private key.
20060527: Implemented keystore jtree model.
20060524: Open keystore frame and file chooser.
20060522: More layout changes and up to date screenshots.
20060521: JGoodies helped quite a bit with the layout.
Possible enhancements:
- User interface.
- Custom File Dialogs.
- Improved Dialogs.
- New DateChooser Dialog.
- CRL support.
- Signing multiple CSR's.
Screenshots: