Skip to content


Switch branches/tags

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?

Latest commit


Git stats


Failed to load latest commit information.
Latest commit message
Commit time

Open Source KeyServer

  • Download last version available: Download

Repository status:

Master Develop
Build status Build Status Build Status
Dependencies status Dependency Status Dependency Status
Code quality Codacy Badge Codacy Badge Codacy Badge Codacy Badge


This software is a Key Server that implements the TLS Session Key Interface (SKI) defined in draft-cairns-tls-session-key-interface-01.

The Heartbleed attack illustrated the security problems with storing private keys in the memory of the TLS server. The TLS Session Key Interface (SKI) defined the mentioned document makes it possible to store private keys in a highly trusted key server, physically separated from client facing servers. The TLS server is split into two distinct entities called Edge Server and Key Server that communicate over an encrypted and mutually authenticated channel using e.g. TLS. This software implements the Key Server entity.

  +--------+  Handshake  +-------------+    SKI    +------------+
  | Client | <---------> | Edge Server | <-------> | Key Server |
  +--------+             +-------------+           +------------+

It is aimed at being a functional prototype to test the LURK Architecture and the proposed interface. For more reference see link URL and this.

System requirements

KeyServer has been developed using Java SE 8 and Redis as database to store the certificates private keys.

How to install?

You can download the latest KeyServer JAR version from releases section. If you prefer generate your own JAR, remember that this project is distributed with Apache Maven.

Once the JAR file is downloaded/generated, move it to the desired folder. Configure the KeyServer using the KeyServer Wiki steps before first execution. Otherwise, you'll get an error during the execution.

Watch the video


Key Server that implements the TLS Session Key Interface (SKI) defined in draft-cairns-tls-session-key-interface-00.







No packages published