1. Home
  2. /
  3. Contributors

EJBCA Contributors

The success of EJBCA as the leading PKI and CA software in the industry is due to the continuous contribution from our growing list of internal and external contributors. We welcome you to join our community and leverage your expertise to shape the future of digital security.

Malin Ridelius EJBCA

We owe our success to our incredible community of users. Your engagement and participation in our product's evolution through bug fixing, feedback, and contribution have been invaluable. Thank you for being a part of our journey!

Malin Ridelius, VP Keyfactor Community Open Source products

How to contribute to EJBCA

If you want to contribute to the project, we welcome you to take part in discussions, submit an issue, or create a pull request under the LGPLv2.1+ license. 

For more information, see EJBCA Contributing Guidelines on GitHub.

Keyfactor contributors

We value all contributions to our product, and our employees are no exception. We're grateful for the time and effort our team has invested in developing EJBCA. Thank you for your dedication to our success! Check out the list of our internal contributors who have helped shape our product:

  • Tomas Gustavsson, Project founder. (2001 – )
  • Anna Diruba Christensen, First project homepage design, until EJBCA 3.5.
  • Lars Silven, Core developer (2001 – )
  • Philip Vendil, Core developer (2001 – 2009)
  • Johan Eklund, Core developer (2007 – 2022) and Senior Architect (2015 – 2022)
  • Tham Wickenberg, Core developer (2008 – 2010)
  • Anders Rundgren, Contributing developer (2009 – 2014)
  • Markus Kilås, Contributing Developer (2009 – )
  • Aveen Ismail, Core developer (2010 – 2018)
  • Mike Agrenius Kushner, Core developer (2010 – ), Product Owner (2015 – 2022) and Senior Product Architect (2022 – )
  • Samuel Liden Borell, Core developer (2011 – )
  • Marcus Lundblad, Contributing developer (2011 – )
  • Corentin Marciau, Favorite Intern, GOST Integration (2012)
  • Marko Prvulovic, Core Developer (2013 – 2017)
  • Ebrahim Shirvanian, Quality Assurance (2015 – )
  • Henrik Sunmark, Core Developer (2017 – ), Team Leader (2018 – 2022) and Product Owner (2022 -)
  • Bastian Fredriksson, Contributing Developer (2017 -2022)
  • Oskar Eriksson, Favorite Intern (2017 – 2018)
  • Amin Khorsandi, Core Developer (2017 – )
  • Annica Waltersson, Tech Writer (2017 – )
  • Anton Hodell, Contributing Developer (2017 – )
  • Maria Kilsved, Favorite Intern (2017)
  • Ulf Undmark, Core Developer (2017 – )
  • Rammohan Bandi, Quality Assurance (2018 – 2022)
  • Margaret Thomas, Quality Assurance and Team Leader (2019 – )
  • Nutcha Söderdahl, Favorite Intern (2019) and Quality Assurance (2022 – )
  • Biniyam Arefayene, Favorite Intern (2020)
  • Ghana Vinodhini, Favorite Intern (2020)
  • Johanna Axner, Core Developer (2020 – )
  • Tobias Mindell, Favorite Intern (2020)
  • Parumita Saha, Core Developer (2022 – )
  • Måns Andersson, Core Developer (2022 – )
  • Tanmoy Kundu, Core Developer (2021- )
  • Andrey Sergeev (Consultant, Helmes), Contributing Developer
  • Andris Dobičinaitis, (Consultant, Helmes), Contributing Developer
  • Jekaterina Bunina (Consultant, Helmes), Contributing Developer
  • Lauri Kongas (Consultant, Helmes), Contributing Developer
  • Taher Uddin, (Consultant, Helmes), Contributing Developer
  • Tarmo Raudsep (Consultant, Helmes), Contributing Developer

External contributors

We encourage and appreciate all contributions. Here is the list of people who have donated their valuable time to produce code included in EJBCA. Many others have contributed with bug reports, feature suggestions, etc. In approximate chronological particular order:

  • Nathan Phelps, Testing, bugfinding and suggestions.
  • Leo Tai, Oracle database configuration.
  • Timothy Fisher, Architecture overview.
  • Karl-König Königsson, Better deployment scripts for EJBCA 2.x
  • Thomas Karlsson, Firewall script, Swedish translation.
  • Magnus Broqvist, Initial P12toPEM implementation.
  • Slava Sklarewski, Data flow diagram.
  • Leonardo Souza Mario Bueno, Patch for request template path.
  • Jean Ye, Support for Sybase, intial support for Active Directory, EJBCA 3.1 on Weblogic 8.1, port of EJBCA 2 to Java 1.2/EJB 1.0, suggestions and bugfixes. Quick guide for setting up a CA. Improved internationalization support. Chinese translation.
  • Gösta Bäckström, Initial PKCS7 to browsers.
  • Ville Skyttä, AdminCertReqServlet, Various patches, LDAP publisher advice
  • Koen Serry, Many small improvements.
  • Dickon Field, EJBCA 3.0.x on Weblogic 7.1.
  • Justin Wood, PKI Tools subproject.
  • Thomas Meckel, Initial OCSP implementation.
  • Jon Barber, Early SCEP testing and fixes. surd0007(at)yahoo.com.cn, Initial install guide.
  • Mike Jackson, Proper LDAP schema. Device certificate schemas.
  • Stephane Bailliez, Patches all over, XDoclet, new install, configure and cli for 3.1, web.
  • Yannick Quenec’hdu, French translation, help with SafeNet HSM and some other patches, new EJBCA pki logo.
  • James A. Rome, Additional ‘Use fields in DN’ for publisher, JKStoPEM, lots of testing and input, change_p12_pwd.
  • Manuel Ruiz, Make admin commands flexible and usable from within java-code.
  • Risto Laanoja, Fix for integer overflow when setting CRLPeriod longer than 596 hours. Several instances of one altName and other patches. User authentication with JAAS/Kerberos.
  • Giampaolo Tomassoni. PostgresSQL 8.0.
  • Philipp Faerber, EJBCA 3.0.x on Weblogic 8.1, adminweb sql fix. Initial support for Eracom HSM. German translation.
  • Hu Aranjuez, Column name fix for MS SQL2000.
  • Marco Ferrante, Italian translation, openssl migration howto, importcert cli function.
  • Alejandro Falcone, Spanish translation.
  • Bruno Bonfils, added X-ORIGIN to device schema for latest Sun Directory Server. Tested Cisco IOS and made the IOS Howto. OpenSSH and X509 authentication. Hudson.
  • Resurreccion Mazo Gonzalez, LdapSearchPublisher.
  • Ronan le Meillat, Htmlized french translation.
  • Zhengrong (Jerry) Liu, Limit length of primary key columns when using UTF-8 encoding in MySQL, fix for static fields in server.xml.
  • Gabriel Belingueres, Support for Informix 9.2.
  • Yovko Ilchev Yovkov, Howtos for Fedora Core 4 and 5.
  • Javier Aparicio Conesa, User notice and CPS in certificate policy extension. Directoryname in alternative names. CRL Issue period. Option to not remove certificates from publisher when revoked. Patch for unsuspend from CRL.
  • Jon Bendtsen, OpenVPN installer package enrollment.
  • Henrik Schack, Documentation about dns alt name for Cisco PIX.
  • Alexander Horvath, Patch to make OCSP compatible with Thunderbird/Firefox.
  • Henrik Anreasson, Debian package, installer and documentation improvements, lots of testing and suggestions.
  • Michael Rieken, Updates to german translation.
  • Rolf Staflin, New public web for EJBCA 3.5.
  • Munteanu Olimpiu Andrei, Jasper reports functionality.
  • Lee, updates to Chinese translation.
  • Yuji, patch for deadlock problem.
  • Nuno Ponte, Portuguese translation, delta CRL, noOcspCheck extension, freshestCRL, intermediate nodes in LDAP, caIssuers AIA extension, Pseudonym DN component, and much more.
  • Nicolas Coudene, completing the DB2 support, updates to french translation.
  • Sebastien Levesque, WS-API calls for listing CAs and profiles.
  • Abbas Razam, fixes to ms-sql upgrade scripts 31_32 and 33_34.
  • Darren Johnson, split CAToken to be able to use separate JCE/JCA providers, makes SCEP work on Luna HSM with java provider.
  • Matt Stevenson, code for adding CRMF and SPKAC requests in WS-API, Sybase and case-sensitive columns, MS document signing extended key usage, Intel AMT extended key usage.
  • David Carella, French localization and language improvements, PKI standard compliance and Web UI improvements.
  • Miguel Angel Tormo Alfaro, ETSI retention period in QC certificate extension, fix for advanced searches with ProtectedLog, Sequences in BasicCertificateExtension.
  • Damir Farazetdinov, Found bug with duplicate error codes in OCSPUnidClient.
  • Liam Kian Shin, Howto for using GEMSafe with EJBCA.
  • Koichi Sugimoto, initial patch for creating certificate request from any CA.
  • Keijo Kurkinen, National Swedish Police Board, Cert-CVC library for handling CV certificates for EU EAC ePassports.
  • Kelly Hayashi, patch for PKCS12 ExtRA requests not working with approvals.
  • Jakob Jenkov, advice on fair thread locking for ProtectedLog synchronization.
  • David Galichet, add error code on web services. WS user creation uses profile information
  • Vincent Kan, WS user creation uses profile information
  • Thomas Noel, Retrieve Delta CRL in CertDistServlet.
  • Christian Kleinewächter, Support PostgreSQL in Glassfish
  • Dirk-Willem van Gulik, Substitutions in sender and rcpt in email notifications.
  • Dai Tokunaga, XKMS working on Java 6 and Glassfish.
  • Martin Simka, cvcwscli.cmd.
  • Waldek Kozba, Patch for not quoting int type columns for advanced log search.
  • Kevin Dean, sql script for MS-SQL on Glassfish, help with issue mixing EJBs and SQL.
  • Rafal Parzych, fix IAIK provider usage with multiple CAs.
  • Thijs van Dalen, KeyStrings fixes for HSM key generation, proper key sequence incrementation, and other CVC fixes.
  • Toru Tanaka, OGIS-RI Co. Ltd., Japanese translation.
  • Vlad, Exim Bank, Fix for IE provider selection in External RA GUI.
  • Matthias Knoll, BRZ, Fix for automatic OCSP renewal using ECC.
  • Andrew Dunn, Fix for not adding OCSP GET cache headers for responses with nonce. SecureMetric, Fix IE11 enrollment in public web.
  • Kaan Kivilcim of The Google Security Team, suggestions for security improvements.
  • Stefan Selbitschka, patch to allow HELP text in custom publisher UI.
  • Mohammad Anwari, Add CESeCore API support for RFC-4683 idOnSim OtherName (altName).
  • Andres Jakobs, Admin GUI support for eIDAS QC extension (type and PDS URL), Default “CA issuer URI” for CA. WS CA cert update. Validators (through PrimeKey).
  • Mauricio Giacomini Penteado, Overridable and Non-overridable OIDs extension list limitations (ECA-5139).
  • Jean-Sébastien Bevilacqua, Patch for not removing end entity profile in legacy script based auto enrollment.
  • Jaime Hablutzel, Ability to modify the built-in password encryption/obfuscation key. Patch for constant octet size random serial number generator concurrency, initial support for Azure Key Vault crypto token, and other fixes.
  • Christian Felsing, ejbca-setup install script for easier setup.
  • Claes Jakobsson, Initial EST (RFC7030) implementation (through PrimeKey).
  • Fabien Hochstrasser, check_cmpv2 Nagios monitoring script.
  • Max Fichtelmann, Patch for making the Common PKI CertHash extension into a SingleResponse extension.
  • Edwin Wentink, Documentation how to use Rijkspas and eToken 5100 with Windows certreq
  • Fotis Loukos, Idea and inital patch for pre-sign certificate validation
  • Tjeu Kayim, Patch fixing obfuscation of non-ascii characters
  • Verneet Singh, Reported XSS vulnerability (CVE-2022-29834)
  • David Ricardo Ledo Baster, Fix isDeltaCrl flag in CertificateCrlReader
  • Rufus Buschart, Siemens, fix for RFC9483 headers in CMP revoke response message