Simple PKI-based access control for the Web
Do you operate in a bridged environment? Do you simply want to increase the usefulness of your PKI for controlling access to your web applications? Webcullis provides a simple, secure and flexible solution for integrating your PKI and your web aplications. Webcullis Features
- Certification path building and discovery compatible with the DoD PKI and the Federal bridged environments.
- RFC 3280-compliant path validation
- Cached validations to reduce server load for multiple requests
- Simple configuration syntax
- Access restrictions may be based on: Name constraints, Key Size, Extended Key Usage, Policy Constraints or Quality of revocation information
- Allows the use of one or more LDAP directories for path building
- One or more trusted OCSP responders may be configured for path validation
- Webcullis trust roots are separate from the system trust roots, enabling server-side work-arounds for client-side bugs.
- Access to resources may be controlled without configuring cumbersome mappings between certificates and system accounts on IIS.
Webcullis is licensed under the GPL! Send questions or comments to webcullis_support AT cygnacom DOT com.
System Requirements
Webcullis curently runs on Microsoft’s IIS 5.0 and 6.0 (Windows 2000 Server and Server 2003) and on Apache httpd version 2.0.47 and later on Windows, Solaris and Linux. A beta version for Netscape/Sun/iPlanet is available.
Technical Documentation
Read the Frequently Asked Questions.
Download the current Webcullis user’s manual.
Webcullis certifications
Webcullis has been evaluated on both Windows 2000 and Red Hat Linux by the US DOD JITC testing laboratory.
Webcullis has been evaluated by the GSA PDVAL testing laboratory.