A MicroCA is a very small certificate authority software, that operates on prepared X.509 requests (instead of PKCS#10 requests), and enforces DNS Name Constraints in a small and secure hardware environment. The MicroCA ensures unconstrained interoperability with existing software, since it verifies the constraints inseide the CA, and issues normal X.509 certificates.



The current plan is to either use JavaCards compatible Tokens, and develop the MicroCA as a Javacard-Applet, or alternatively to use a HSM. Possibly qualifying hardware:


The software needs to fit on the chosen hardware platform (Javacard or other environment) and provide the following features:

If you are interested in a MicroCA based Sub-CA, please contact us.