CMP for OpenSSL

To support the upcoming effort on the project, the project moved to Sourceforge. Besides SVN and Wiki, other Sourceforge features (e.g. the Bugtracker) will be taken into use when needed.

Please consider joining the effort on this project.

More information is available at https://sourceforge.net/projects/cmpforopenssl/.

CMP for OpenSSL is an implementation of the Certificate Management Protocol (CMP) version 2, defined in RFC 4210, as an extension to OpenSSL. Since it is associated to CMP, the Certificate Request Message Format (CRMF), defined in RFC 4211, is also handled.

While it is already possible to use this software for basic operation, development is still at an early stage. Expect it to be neiter in a "100% ready to be delivered to your customers" state, nor the API to be completely stable! There is still some work to be done. Keep an eye on this website to stay up-to-date!

This CMP realisation sticks to the RFC definitions by default. A flag can be set to adjust to CA implementations not complying with the standard. The long term goal is to have a full featured, RFC conforming client, able to interact with any available CMP capable CA. So far, it is possible to obtain and update X509 certificates utilizing the Cryptlib CA and to obtain certificates from the Insta Certifier. Other compatibility is work in progress.

The complete source can by downloaded through SVN. The package contains the OpenSSL extension and a client implementation using it. The source for a rudimentary CA based on Cryptlib is also included. Please consider the respective licenses of all included software!

A public CA is available for convenient evaluation of this CMPv2 implementation.

Please let me know if you want to contribute or need any help.