Key Management

BounCA is a web-gui based X509.v3 certificates management tool

Set up Your Personal Key Infrastructure in less than 60 minutes

BounCA Local BounCA Cloud

Get the Source Code

BounCA Makes Key Management Easy

BounCA is a web-application. Don't hassle anymore with OpenSSL. Let you guide by the easy user interface and create your trusted encrypted communication network with your peers in a couple of minutes. Create a PKI, sign and revoke server and client X.509 v3 SSL certificates. With BounCA you can secure your web applications and OpenVPN connections without passwords, and secure access to your private cloud services with own HTTPS scheme. BounCA offers a REST-api for certificate generation, create a provisioning service for your Internet of Things devices was never so easy.

Sass and Less support


BounCA lets you create root certificate authorities, create intermediate certificates and client, server certificates in an easy web application. Export your keys as PEMs, PKCS12 files for your mail clients, and web servers such as NGINX and Apache.

Responsive across devices


BounCA is a web based tool. Within your favorite browser, you will have a clear overview of outstanding certificates, and the ability to revoke them within one mouse click. Keep also track of the expiration of certificates by importing the expiry date in your calendar.



With BounCA, you can access your CA via a web browser, RESTful API and it is also possible to export your PKI with command line scripts. Manage the authentication of your Internet of Things (IoT) devices and Hook BounCA to your deployment system to generate client and server certificates on the fly.

BounCA is open source. It's hosted, developed, and maintained on GitLab.

View the GitLab project

Don't want to host it yourself. BounCA is also available as a service.

BounCA cloud

How does it work.

Download BounCA and Create your Root Certificate, create one or more Intermediate Certificates and create server and client certificates.

Start now and visit the install pages.

Your Own Chain of Trust

Key based authentication provides you a couple of interesting advantages

  • No single point of failure: Decoupled and decentralized authentication management
  • You are in control of your complete trust chain: Spoofing nearly impossible as no third party is involved
  • Rocket fast authentication: SSL off-loading can be performed by your webservers

Use cases for a key based authentication infrastructure are

  • Secure your internal REST micro-services and internal API's
  • Client-certificate based login for web-services and web applications
  • Secure access to your internal cloud services with your own HTTPS scheme
  • Secure your Internet of Things (IoT) network with your certificates and provision them via the BounCA API

Protect your Data, Protect your Communication, Protect your Business, get BounCA

Site structure