The 'jsrsasign' (RSA-Sign JavaScript Library) is an opensource free cryptography library supporting RSA/RSAPSS/ECDSA/DSA signing/validation, ASN.1, PKCS#1/5/8 private/public key, X.509 certificate, CRL, OCSP, CMS SignedData, TimeStamp, CAdES and JSON Web Signature/Token in pure JavaScript.

PKI.js is a pure JavaScript library implementing the formats that are used in PKI applications (signing, encryption, certificate requests, OCSP and TSP requests/responses). It is built on WebCrypto (Web Cryptography API) and requires no plug-ins.

XiPKI: Compact open source PKI (CA, OCSP responder, certificate protocols ACME, CMP, EST, SCEP), with full support of PQC MLDSA (Dilithium) and MLKEM (Kyber).

The Dogtag Certificate System is an enterprise-class Certificate Authority (CA) which supports all aspects of certificate lifecycle management, including key archival, OCSP and smartcard management.

Python ASN.1 library with a focus on performance and a pythonic API

⭐ Приложение-сервер для работы с Электронно Цифровой Подписью (ЭЦП) РК

Sockets with pure VB6 impl of TLS encryption

Something could be public patches

Django app providing a Certificate Authority

🐳 VMs are bloat. Dockerise your VAPT environment

wolfSSL JSSE provider and JNI wrapper for SSL/TLS, supporting up to TLS 1.3!

OCSP responder for Hashicorp Vault PKI

An implementation of TLS and related specifications in Common Lisp

Easy-to-use high-level library for PKI-enabled applications

NodePKI is a simple NodeJS based PKI manager for small corporate environments.

Multi-level Certificate Authority Management tool, front-end tool to OpenSSL, written in bash shell.

A comprehensive PKI/Certificate Authority management platform

OCSPChecker provides an automated means to check the OCSP revocation status for a x509 digital certificate.

Certgrinder is a client/server system for getting LetsEncrypt certificates for your infrastructure. ACME challenges are handled by the Certgrinder server, making it possible to get certificates in highly isolated environments, since only an SSH connection to the Certgrinder server is needed.

A tool that primes the OCSP cache of nginx for certificates managed by Certbot, in order to make OCSP stapling work reliably.

Privacy-Preserving Noise Machine for Apple Developer ID OCSP

OCSP responder written in Go meant to be used with easy-rsa

http://testssl.sh/ in a tiny docker container

SMTP DANE testing tool

Certificate Revocation check support for caddy

Node JS utility to check the signature of Apple P12 Certificates.

A .NET facility to create an OCSP Responder. Written in C# under netstandard it has support for .NET Full and .NET Core

🛡️ CA: Certificate Authority. ДСТУ: 4145. ITU/IETF: 3279, 5755, 7030, X.509.

freeRADIUS setup to authenticate Azure AD Joined Devices with EAP-TLS

a caching ocsp proxy. It accepts ocsp requests from any client, e.g. an ssl-webserver, and forwards the request to the corresponding ocsp responders or returns the ocsp response from cache. Can be used to mitigate unreliable ocsp responders that are, as required by murphy's law, always down when needed.