Fully Open Edge Cloud

Authentication Infrastructure

This page provides a collection of resources related to authentication in complex environments.
  • Last Update:2016-05-16
  • Version:001
  • Language:en

This page provides a collection of resources related to authentication in complex environments.

Table of Contents

This includes PKI, SSO reverse proxies, authentication plugins. Since ERP5 is based on PAS, it should be possible to extend the standard authentication setup with any of the more complex environments described.

Many sources are in French, probably because open source PKI market is quite developed in France with many large customers, large implementations and leading providers.

Starting Points

  • Concept de base des PKI provides an easy introduction in French to PKI
  • Comment monter une PKI open source provides a summary of existing projects and approaches (In French)
  • IGC CNRS provides an exhaustive list of links and explanations (In French)
  • HSC provides a short introduction to PKI (In French)
  • Open Source PKI Book may be a good start point although it is old
  • Mise en place d'une PKI libre (French) provides a step by step guide

Open Source PKI

  • Open Source PKI provides a quite exhaustive list of open source PKI solutions


  • OpenCA is one the pioneers in open source PKI
  • PrimeKey provides a wide range of PKI related solutions in LGPL. Leading project is called EJBCA.
  • OpenTrust PKI is the open source market leader. Source code is provided to customers under GPL. OpenTrust also provides an SSO reverse proxy. Latest versions are no longer open source.
  • Rooster is an open source PKI made by Intrinsec
  • LASSO provides a way to federate multiple PKIs. It is written in C and in python. It is supported in about any language.
  • Bandit is supported by Novell
  • FederIDis based on LASSO and supported by ObjectWeb
  • OpenSSO is a Java based SSO

Time Stamping

  • OpenTSA provides a time stamping solution built into Apache.

Reverse Proxy


  • OpenOCES includes a java applet to sign text
  • OpenCA client support provides minimal information on the built-in signature features of browsers

Zope / Python Stuff

  • PyCais a python implementation of a certificate authority provider
  • PyKI provides a couple a scripts to manage a minimal public key infrastructure
  • GEARS Plugin was made by the GEARS project to integrate LASSO with Zope


  • OpenSC provides access to smart card


  • DFN
  • PKI Page
  • XML Digital Signature Tool
  • Key Manager
  • OpenXPKI
  • M2Crypto
  • TLSLite
  • PyCa

Related Articles