OpenXPKI - The OpenSource Trustcenter SoftwareThe OpenXPKI Project aims at creating an enterprise-grade PKI/Trustcenter software supporting well established infrastructure components like RDBMS and Hardware Security Modules. Flexibility and modularity are the project's key design objectives.
Unlike many other OpenSource PKI projects OpenXPKI offers powerful features necessary for professional environments that are usually only found in commercial grade PKI products.
Cynops is heavily involved in designing and implementing this PKI software.
CertNanny - Fully automatic certificate renewal
is a client-side program that allows fully automatic renewal of
certificates using the SCEP protocol.
The basic idea is to have a number of local keystores that are monitored for expiring certificates. If a certificate is about to expire, the program automatically creates a new certificate request with the existing certificate data, enrolls the request with the configured CA and polls the CA for the issued certificate. Once the certificate is ready, a new keystore with the new certificate is composed and replaces the old keystore.