The OpenCA Project is a collaborative effort to develop a robust, full-featured and Open Source out-of-the-box Certification Authority implementing the most used protocols with full-strength cryptography world-wide. OpenCA is based on many Open-Source Projects. Among the supported software is OpenLDAP, OpenSSL, Apache Project, Apache mod_ssl.
nsLight PKI is a CGI script that uses OpenSSL to provide Public Key Infrastructure operations. Its features include key ceremony workflow for initialization, requesting of certificates in centralized mode (PKCS#12 generation), certificate view and revocation,CRL generation (at revocation time and once a day by cron job), certificate expiration notifications, and UTF-8 support. It has built-in support for RSA/SHA-1/3DES and GOST R 34.10-2001, GOST 28147-89, and GOST R 34.11-94, the cryptographic provider being OpenSSL 1.0. The script is used both as Web-based interface and cron task.