About_UI Done CertDetail Import Importar Discard Abandonar Not available Signer unknown Self signed Not trusted Trusted Revoked: Not valid Valid CertDetail_UI Details of the Certificate Detalles del Certificado Serial: Num Serie: Validity Validez Fingerprint Huella S&tatus The internal name of the certificate in the database Internal name Signature algorithm Private key Serial The serial number of the certificate Signed by MD5 An md5 hashsum of the certificate SHA1 A SHA-1 hashsum of the certificate The time since the certificate is valid The time until the certificate is valid &Subject &Issuer &Extensions &Cancel &OK CertExtend_UI Validity Validez This will create a new certificate as a copy of the old one with a new serial number and adjusted validity values. Not before Not after Time Range Days Months Years Apply Midnight &Cancel &OK CertView is going to be deleted va a ser eliminado Import Importar Internal name Common name Serial not After Trust state Revocation The key you selected for signing is not a private one. The validity times for the certificate need to get adjusted to not exceed those of the signer Continue creation Abort It is actually not a good idea to delete a cert that was signed by you Ok The certificate There was no key found for the Certificate: Import Certificate signing request New Certificate Import PKCS#12 Import from PKCS#7 Rename Show Details Export File Request TinyCA Delete Trust CA CRL days Signing Template Generate CRL PKCS#7 Sign Encrypt Renewal Unrevoke Revoke Please enter the new Serial for signing Please enter the CRL renewal periode in days Please select the default Template for signing Plain View Tree View Error creating: ClickLabel Double click for details CrlDetail Name Nombre Serial Revocation Ok Failed Unknown signer Verification not possible Unknown certificate CrlDetail_UI Signed by: Firmado por: Name Nombre Signature Firma CrlDetail_UI Details of the Revocation list &Status Signed by The internal name of the CRL in the database Version Issuing dates Last Update Next Update &Issuer &Revocation list A list of all revoked certificates &Extensions &Cancel &OK CrlView is going to be deleted va a ser eliminado Import Importar Internal Name Issuer Common Name Revoked The Revocation list Export Certificate revokation list Rename Show Details Export PEM DER Delete ExportCert X509 Certificates ( *.cer *.crt *.p12 ) All Files ( *.* ) Save Certificate as ExportCert_UI Filename: Fichero: ... ... Export Format: Formato de exportación: Cancel Cancelar Certificate export Please enter the filename for the certificate. TinyCA filename Set the filename to the one used by TinyCA Filename Export Format OK DER is a binary format of the Certificate PEM is a base64 encoded Certificate PKCS#7 is an official Certificate exchange format PKCS#12 is an encrypted official Key-Certificate exchange format ExportKey RSA Keys ( *.pem *.der *.pk8 ) All Files ( *.* ) Save RSA key as ExportKey_UI Key export Exportar clave Please enter the filename for the key. Introduzca nombre de fichero que contendrá la clave. Filename: Fichero: ... ... DER is a binary format of the key without encryption PEM is a base64 encoded key with optional encryption PKCS#8 is an encrypted official Key-exchange format DER es un formato binario sin cifrado PEM es un formato texto bas64 con cifrado opcional PKCS#8 es un formato estandar de intercambio de claves Export Format: Formato de exportación: ExportKey_UI Filename Export Format When exporting the private key it should be encrypted. E&xport the private part of the Key too When exporting the private part, it should be encrypted. &Encrypt the Key with a password &Cancel &OK ExportTinyCA TinyCA Template directory TinyCA Directory ExportTinyCA_UI ... ... Cancel Cancelar Name Nombre TinyCA export Templatedir The directory, where the openssl.cnf template can be found TinyCA Directory the TinyCA database directory, usually: ~/.TinyCA/ The name of CA &Cancel &OK Help_UI << >> &Done ImportMulti Import Importar Internal name Common name Serial The type of the Item is not recognized: OK Details Remove Details of this item cannot be shown: The type of the Item is not recognized Error ImportMulti_UI ImportMulti_UI Import &All &Import &Done &Remove KeyDetail Available Disponible Import Importar Discard Abandonar Not available KeyDetail_UI Details of the key Detalles de la clave Name Nombre Private Exponent Exponente secreto Public Exponent Exponente público Keysize Tamaño de clave Modulus Módulo The internal name of the key used by xca &Cancel &OK KeyView Please wait, Key generation is in progress Espere, generando claves... Cancel Cancelar The key Clave is going to be deleted va a ser eliminado Import Importar New Key Nueva clave Internal name Keylength Use count Key size too small ! You are sure to create a key of the size: Create Rename Show Details Export Delete Please enter the old password of the database. Database password verify error. Please enter the new password for the database. Database password too long: Database password changed successfully. MainWindow Password Contraseña Password verify error, please try again Contraeña incorrecta, inténtelo de nuevo &Open default DataBase Open &DataBase &Close DataBase E&xit &Content &About &File &Help no such option: I'm puzzled: this should not happen ! New Password Please enter a password, that will be used to encrypt your private keys in the database-file Please enter the password for unlocking the database The following error occured: &OK Copy to Clipboard MainWindow_UI Import Importar MainWindow_UI RSA Keys &New Key &Export &Import Import PFX (PKCS#12) &Show Details &Delete Change password Certificate signing requests &New Request Certificates &New Certificate Import &PKCS#12 Import P&KCS#7 Plain View Templates New &empty template New C&A template New &client template New &server template Ch&ange Template Export Revocation lists NewKey_UI Keysize Tamaño de clave New Key Nueva clave Name Nombre New key Please give a name to the new key and select the desired keysize Key properties Usually 1024 or 2048 bit keys are used The internal name of the new key &Cancel C&reate NewX509 Server Template Client Template CA Template Empty Template Welcome to the settings for certificate signing requests. A signing request needs a private key, so it will be created if there isn't any unused key available in the key database. This signing request can then be given to a Certification authority while the private key of the request and of the resulting certificate returned from the CA does never leave your computer. You are done with entering all parameters for generating a Certificate signing request. The resulting request should be exported and send to an appropriate CA for signing it. Certificate signing request Welcome to the settings for Templates. This templates do not refer to any ASN.1 structure but are used to keep default settings for signing requests and certificates. When creating a Request or Certificate the template can preset the needed fields with default settings. You are done with entering all parameters for the Template. After this step the template can be assigned to one of your CAs to be autoatically applied when signing with this CA. Template change Welcome to the settings for Certificates. The information for the new Certificate can either be grabbed from a given Certificate-request or be filled in by hand. In the case of not signing a request there needs to be at least one unused key. If this is not the case it will be created. If you want to self-sign a request (unusual but nevertheless possible) you need the private key used to create the request. You are done with entering all parameters for creating a Certificate. Certificate NewX509_UI Validity Validez Organisation Organización Country País NewX509_UI Press Next to continue Signing request Sign this Certificate signing &request A certificate signing request can be signed, even if the private key of the request is not available. This is the intention of a CSR: Getting signed by a CA certificate, whoes certificate of course must be in the database Of course you need the private key of the CSR if you want to create a self-signed cert from it. Signer Use &this Certificate for for signing Create a &self signed certificate with the serial 1 If you leave this blank the serial 00 will be used All certificates in your database that can create valid signatures This list contains all certificates with the CA-flag set to true and whoes private key is present in the key-database. If this list is disabled, you only can create a self-signed certificate. Template Template for the new certificate All available templates This list contains all templates from the toplevel template Tab. Additionally it contains 4 default templates: Empy, CA, client, server Change the default &extension settings from the template Check this to adjust all details of the certificate Source of the subject This name is only used internally and does not appear in the resulting certificate Must be exactly 2 letter of size (DE, UK) Country code State or Province Locality Organ. unit Common name E-Mail address Internal name Add Delete Object Value Private key This list only contains unused keys MD 2 MD 5 SHA 1 &Generate a new key This funny button creates a key. Go figure. Basic Constraints Type Not defined Certification Authority End Entity If this will become a CA certificate or not Set this to TRUE if you want to create a CA certificate that signs other certificates. This is always set to FALSE for client or server certificates. In most cases self-signed certificates are CA certificates. Self-signed non-CA certificates are unusual although they are possible. Path length How much CAs may be below this. If this is left empty the pathlen is not included in the certificate. Otherwise it distinguishes the count of chained CA certificates below this one. A pathlen of 0 means, that this certificate may not issue other sub-CA certificates. Although it can do it, all chain-checking algorithms in e.g. your browser or openssl will (should) fail. &Critical The basic constraints should always be critical Key identifier &Subject Key Identifier Creates a hash of the key following the PKIX guidelines &Authority Key Identifier Copy the Subject Key Identifier from the issuer If this box is checked an attempt is made to copy the subject key identifier from the signing certificate. It also copies the issuer and serial number from the issuer certificate. Normally this will only be done if the keyid option fails. Not before Not after Time Range Days Months Years Apply Midnight Set the time to 00:00:00 and 23:59:59 respectively subject alternative name Copy &e-mail address from subject line This will automatically include any email addresses contained in the certificate subject name in the extension. DNS: IP: URI: email: RIP: The subject alternative name extension allows various literal values to be used. These include "email" (an email address) , "URI" a uniform resource indicator, "DNS" (a DNS domain name) , RID (a registered ID: OBJECT IDENTIFIER) and IP (an IP address). Examples: email:my@other.address, IP: 1.1.1.1 , URI:http://my.url.here/ email:my@other.address, RID:1.2.3.4, DNS: ns.server.tld issuer alternative name Copy &issuer name Wether to copy the subj. alt. name from the issuer The issuer alternative name extension allows various literal values to be used. These include "email" (an email address) , "URI" a uniform resource indicator, "DNS" (a DNS domain name), RID (a registered ID: OBJECT IDENTIFIER) and IP (an IP address). Examples: email:my@other.address, IP: 1.1.1.1 , URI:http://my.url.here/ email:my@other.address, RID:1.2.3.4, DNS: ns.server.tld Key Usage Digital Signature Non Repudiation Key Encipherment Data Encipherment Key Agreement Certificate Sign CRL Sign Encipher Only Decipher Only Extended Key Usage C&ritical can be altered by the file "eku.txt" CRL distribution point Authority Info Access Certificate Policies The authority information access extension gives details about how to access certain information relating to the CA. Its syntax is accessOID;location where 'location' has the same syntax as subject alternative name (except that email:copy is not supported). accessOID can be any valid OID but only certain values are meaningful for example OCSP and caIssuers. OCSP gives the location of an OCSP responder: this is used by Netscape PSM and other software. Example: OCSP;URI:http://ocsp.my.host/ caIssuers;URI:http://my.ca/ca.html This is a multi-valued extension that supports all the literal options of subject alternative name. Of the few software packages that currentlyi nterpret this extension most only interpret the URI option. Currently each option will set a new DistributionPoint with the fullName field set to the given value. Other fields like cRLissuer and reasons cannot currently be set or displayed: at this time no examples were available that used these fields. If you see this extension with <UNSUPPORTED> when you attempt to print it out or it doesn't appear to display correctly then let steve know, including the certificate (mail steve at openssl dot org) . Examples: URI:http://www.myhost.com/myca.crl URI:http://www.my.com/my.crl, URI:http://www.oth.com/my.crl This will be enabled in a later version :-( If you follow the PKIX recommendations of not including any qualifiers and just using only one OID then you just include the value of that OID. Multiple OIDs can be set separated by commas, for example: Example: 1.2.4.5, 1.1.3.4 can be altered by the file "aia.txt" SSL Client SSL Server S/MIME Object Signing SSL CA S/MIME CA Object Signing CA Great picture , heh ? CA Revocation URL Revocation URL SSL server name Certificate renewal URL Comment CA policy URL Base URL If you know a more pretty one tell me PassRead_UI Password Contraseña &Cancel &OK PassWrite_UI Password Contraseña Repeat password &Cancel &OK QMessageBox The file ' ' could not be opened QObject All Files ( *.* ) Import RSA key Netscape Request ( *.spkac *.spc ) PKCS#10 CSR ( *.pem *.der *.csr ) Import Request Certificates ( *.pem *.der *.crt *.cer ) Import X.509 Certificate PKCS#7 data ( *.p7s *.p7m *.p7b ) Import PKCS#7 Certificates PKCS#12 Certificates ( *.p12 *.pfx ) Import PKCS#12 Private Certificate XCA templates ( *.xca ) Import XCA Templates Revocation lists ( *.pem *.crl ) Import Certificate Revocation List XCA Databases ( *.db ) Open XCA Database QString Please wait, Key generation is in progress Espere, generando claves... Cancel Cancelar ReqDetail Import Importar Discard Abandonar Not available ReqDetail_UI Details of the request Detalles de la solicitud Details of the certificate signing request Detalles de la solicitud Signature Firma Subject Sujeto ReqDetail_UI S&tatus Internal Name Internal name of the PKCS#10 signing request Private key Signature algorithm &Subject &Cancel &OK ReqView is going to be deleted va a ser eliminado Import Importar Internal name Common Name The Certificate signing request Export Certificate signing request New Request Rename Show Details Sign Export PEM DER Delete TempView is going to be deleted va a ser eliminado Import Importar Internal name Type The Template Export Template New Template Empty CA Client Server Rename Export Change Delete Create certificate Create request TrustState_UI Set Trustment of the Certificate Select the Truststate &Never trust this certificate Only &trust this certificate, if we trust the signer &Always trust this certificate &Cancel &OK Validity Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec Now XcaListView Cancel Cancelar The system detected a NULL pointer, maybe the system is out of memory El sistema detectó un puntero NULL, podría deberse a falta de memoria Delete db_base Error loading: ' db_crl The revokation list already exists in the database as and so it was not imported db_key The key is already in the database as La clave ya aparece en la base de datos como and is not going to be imported y no va a ser importada The database already contains the public part of the imported key as La base de datos ya contiene la parte pública de la clave importada como and will be completed by the new, private part of the key y será completada por la nueva parte secreta de la clave db_x509 The certificate already exists in the database as and so it was not imported db_x509req The certificate signing request already exists in the database as and thus was not stored pki_key Please wait, Key generation is in progress Espere, generando claves... Cancel Cancelar Please enter the password to decrypt the RSA key. Password for PKCS#8 private key Please enter the password to decrypt the PKCS#8 private key. Please enter the password protecting the PKCS#8 key Please enter the password protecting the RSA private key pki_pkcs12 Please enter the password to decrypt the PKCS#12 file. Please enter the password to encrypt the PKCS#12 file pki_temp Template file content error Empty CA Client Server pki_x509 Not trusted Trust inherited Always Trusted