Free ssl certificate software for linux

Odyssi Certificate Server is a Java-based certificate authority server.
Odyssi Certificate Authority Server is released as 100% free software under the GNU General Public License (GPL). You are free to make changes to any of its components for deployment within your own organization. This provides you the freedom to integrate the CA with your existing systems and resources.
In addition, Odyssi CA makes use of other award-winning Open Source products, such as Hibernate, Apache Tomcat, Apache Axis, and others. Open Source database products, such as MySQL and PostgreSQL, are also fully-supported, allowing you to run your entire CA infrastructure on an Open Source platform. And, because Odyssi CA is written completely in Java, it will work on any platform with a Java VM.
Enhancements:
- This release provides minimal support for submitting certificate requests and generating X.509 certificates.

Graphical certification authority project is a graphical user interface to OpenSSL, RSA/DSA public keys, certificates, signing requests and revokation lists.
The keys have an internal counter, counting its use to avoid a duplicate use of a key for creating a certificate or request.
The Keys are of course encrypted in the db file.
Xca supports next to the usual PEM and DER format of certificates the import and export of PKCS#12 (aka *.pfx) files and the Certificate import from PKCS#7 files.
Certificates can be created by self signing it, by signing it by an other (usually CA) certificate or by signing a PKCS#10 request. Netscape SPKAC is supported since version 0.4.6. The validity dates and x509.v3 extensions can be adjusted to fit ones needs. The use of multiple certificates in CA chains is supported and a tree view of the certificates reflects the dependencies. The application takes care to not create duplicate certificates by checking the serial number(s) on import and creation of certificates.
Certificate Templates can be used to preset the input dialog with reasonable values and to simplify the process of creating certificates and requests.
Issued certificates can be revoked and the revokation list can be created and exported. External revokation lists can be imported and examined.
Enhancements:
- This version fixes an issue where some CA signed certificates were not sorted correctly below that CA.
- Malformed certificates no longer cause a crash.
- The string encoding rules for the distinguished name can now be set in the options dialog and PKCS#10 attributes can be set and inspected.

kfile-cert is a plugin for KDE that displays additional information on X509 certificate files (.cer, .crt, .pem extension) in the file properties dialog and file pop-up tip in Konqueror.

The information includes: certificate status, validity term, issuer, subject.

XySSL is a cryptographic library written in C. It currently features several ciphers (AES, Triple-DES, and ARC4), hash functions (MD{2,4,5}, SHA-1, and SHA-256), and RSA and X.509 reading support.
XySSL project also implements the Secure Sockets Layer version 3 protocol (SSLv3), as well as the Transport Layer Security version 1 protocol.
Main features:
- AES, Triple-DES, DES, ARC4
- MD2, MD4, MD5, SHA-1, SHA-256
- HAVEGE random number generator
- RSA with PKCS#1 v1.5 padding
- SSLv3 and TLSv1 client support
- X.509 certificate reading
Enhancements:
- This releases fixes several bugs and adds nine demonstration programs.

yaSSL is an SSL Library for programmers building security functionality into their applications and devices.
yaSSL has a dual licensing model, like MySQL, so it is available under GPL and commercial licenses. Support and consulting are also available for yaSSL.
Main features:
- SSL version 3 and TLS version 1 (client and server)
- OpenSSL compatibility layer
- MySQL integration
- Initial stunnel integration
- MD2, MD5, SHA-1, RIPEMD, HMAC, DES, 3DES, AES, ARC4, TWOFISH, BLOWFISH, RSA, DSS, DH, and PKCS#5 PBKDF2
- Simple API
- Interchangeable crypto and certificate libraries
- PEM and DER certificate support
- Very fast
- Multiple OS support: Win32, Linux, Solaris, FreeBSD, NetBSD, OpenBSD, and Mac OS X
Enhancements:
- This release of contains bugfixes and adds SHA-256, SHA-512, SHA-224, and SHA-384.

mod_ssl_error is a X.509 certificate validation error trapping (SSL).

Valid errors are:

unable to get issuer certificate
unable to get CRL
unable to decrypt certificate signature
unable to decrypt CRL signature
unable to decode issuer public key
certificate signature failure
CRL signature failure
certificate not yet valid
certificate has expired
CRL not yet valid
CRL has expired
error in certificate "not before" field
error in certificate "not after" field
error in CRL "last update" field
error in CRL "next update" field
out of memory
depth zero self signed certificate
self signed certificate in chain
unable to get issuer certificate locally
unable to verify leaf signature
certificate chain too long
certificate revoked
invalid certification authority
path length exceeded
invalid purpose
certificate not trusted
certificate rejected
subject issuer mismatch
"akid" skid mismatch
"akid" issuer serial mismatch
"keyusage" different from "certsign"
unable to get CRL issuer
unhandled critical extension
"keyusage" not for CRL signing
unhandled critical CRL extension

SSL-Explorer project is the worlds first open-source SSL VPN solution of its kind. This unique remote access solution provides users and businesses alike with a means of securely accessing network resources from outside the network perimeter using only a standard web browser.
SSL-based VPNs have become a hot topic in recent years. The benefits to productivity and the low maintenance overhead that comes with browser-based VPN solutions are something that cannot be overlooked by most businesses, though implementation costs can often be prohibitive.
In contrast to a conventional IPsec-based solution, no client side code needs to be installed on your end users systems. SSL VPNs rely on Javatm based technology and hence require only a standard web browser to operate.
Standard network protocols can be tunnelled through the SSL connection, meaning that email and intranet web/file resources are easily and securely accessible from outside the corporate network.
The use of SSL is highly beneficial in these circumstances since most firewall policies grant access to SSL traffic by default, meaning that no additional configuration is required. Our solution is not a firewall, but it effectively allows you to lock-down your network, leaving just a single port open on your firewall.
Enhancements:
Core
- Restart message is not prominent when a parameter is changed which requires a restart.
- A newly created resource should be seen instantly to logged in users without users having to log out and back in again.
- Name search does not escape invalid XML characters from the username.
- Name search is unable to find users with a space in the name.
- HTTP header injection exploit.
- Policies not listed in resource info tooltip.
- No Restart notification displayed when a valid license is installed after an invalid license upload fails.
- The SingleConnection tunnel command when creating extensions does not work with the false flag.
- Page table should provide each page in blocks of 10 items.
- Some system properties dissapear if an extension fails to upload.
- Sessions are not cleaned up after user disconnects.
- Group page GUI refactored.
- Status page GUI refactored.
- License manager page GUI refactored.
- Replacements option moved under web forwards.
- Replacement variables do not contain session:username and password in agent server proxy tab.
- Weak ciphers have been disabled for default configurations.
- Extension store fails to download plug-in dependencies.
- Access right page has strange 5000 resource type exists.
- Policy selection page contains redundant up and down button functionality.
- Creating a user then cancelling during password assignment.
- Creating applications with integer parameters are unable to use user attributes.
- Remote tunnels do not show in tunnel monitor.
- SSL-Tunnel source interface has no validation.
- Pressing cancel in profiles page when the session has timed out causes an exception if you try to press cancel again.
- Profiles page refactored.
- Checking a checkox in global profiles is unchecked after you change tabs.
- If you have a User and a Group with the same name, these cant both be assigned to a policy.
- Assigning a user which doesnt exist to a policy throws an exception.
- User cannot create an attribute even though they have been given the access rights to do so.
- Description is not a required field when creating an attribute.
- Filter does not work in attributes.
- Attributes page GUI refactored.
- Extension page GUI refactored.
- If a disabled extension has an update available the info page shows an exception.
- Password authentication scheme should be the only authentication scheme whenever prompted for re-authentication.
- Authentication scheme page GUI refactored.
- An authentication scheme should be allowed to be primary if a secondary scheme also exists.
- Redirection when canceling out of selecting an authentication scheme at logon is incorrect.
Installer
- Stepping back through the installer and changing the certificate type causes unusual behaviour during installation.
- Installation of extensions step in installer is irrelevant.
- Insallation progress bar added.
- Selecting All interfaces in the web server configuration step causes the service to fail.
Internationalization
- Selecting default language or disabling user selecting language do not work.

DarkerIRC is a small chat application you can put on your website, allowing you to communicate with the visitors of your website. It can be used for online communities allowing their members to communicate realtime.
Main features:
- Full color support
- Full IRC compatibility
- Easy configuration through a config file
- Multiple channel support
- Fully Themable/customizable graphics
- Ability to connect to any server you specify
Enhancements:
- Quakenet support has been fixed.
- This release includes a new (self-signed) certificate, as the original one expired after five years.