Simple automatic certificate enroller
An idea of Paolo Prandini.
Copyright (c) Alberto Forino 2004.
All rights reserved. See the file COPYRIGHT for licensing information
AUTOSSCEP is an automatic x509 certificate enroller based on SCEP (Simple Certificate Enrollment Protocol). It provides VPN users an easy maintenance of their certificates.
It was developed in S.P.E. laboratories starting from Sscep client by Jarkko Turkulainen and it's based on OpenSSL toolkit library.
WHAT IS SCEP?
(from Internet drafts)
SCEP (Simple Certificate Enrollment Protocol) is a PKI communication protocol which leverages existing technology by using PKCS#7 and PKCS#10. SCEP is the evolution of the enrollment protocol developed by Verisign, Inc. for Cisco Systems, Inc. It now enjoys wide support in both client and CA implementations.
The purpose of this project is to mantain valid certificates for unix systems.
In particular AutoSscep was developed to keep valid certificates for VPN based on freeSwan software with the X509 certificate patch extension.
To achieve its goal Autosscep works on SCEP Cisco protocol.
In this way your unix VPN concentrator can work similar to a Cisco router.
Autosscep has been successfully tested with
- OpenCA server
- Win2000 server CA + Microsoft SCEP module
- VeriSign Onsite
- SSH Certifier
S. P. E.® Sistemi e Progetti Elettronici s.a.s. di P. Prandini & C.
Via Liguria, 5 • 25125 BRESCIA • Italy
tel. +39 0302427266 • fax +39 02700406565 • email firstname.lastname@example.org