CaProperties Form Days until next CRL issuing Default template CertDetail Details of the Certificate Serial The serial number of the certificate The internal name of the certificate in the database Status Internal name Signature Key Fingerprints MD5 An md5 hashsum of the certificate SHA1 A SHA-1 hashsum of the certificate SHA256 A SHA-256 hashsum of the certificate Validity The time since the certificate is valid The time until the certificate is valid Subject Issuer Extensions Validation Purposes Strict RFC 5280 validation Comment Attributes Show config Show extensions Show public key This key is not in the database. Not available No verification errors found. Signer unknown Self signed Revoked at %1 Not valid Valid Details of the certificate signing request CertExtend Certificate renewal This will create a new certificate as a copy of the old one with a new serial number and adjusted validity values. Validity Not before Not after Time range Local time Days Months Years No well-defined expiration Midnight Apply Revoke old certificate Replace old certificate Keep serial number The certificate will be earlier valid than the signer. This is probably not what you want. Edit dates Abort rollout Continue rollout Adjust date and continue The certificate will be longer valid than the signer. This is probably not what you want. CertTreeView Hide unusable certificates Import PKCS#12 Import from PKCS#7 Request Security token Other token Similar Certificate Delete from Security token CA Properties Generate CRL Manage revocations Import OpenVPN tls-auth key Renewal Revoke Unrevoke Plain View Tree View days No template CA Properties Certificate export X509 Certificates ( *.pem *.cer *.crt *.p12 *.pfx *.p7b ) vCalendar entry ( *.ics ) OpenVPN file ( *.ovpn ) OpenVPN tls-auth key ( *.key ) ClickLabel Double click for details CrlDetail Details of the Revocation list &Status Version Signature Signed by Name The internal name of the CRL in the database issuing dates Next update Last update &Issuer &Extensions &Revocation list Comment Failed Unknown signer Verification not possible CrlTreeView There are no CA certificates for CRL generation Select CA certificate Revocation list export CRL ( *.pem *.der *.crl ) vCalendar entry ( *.ics ) ExportDialog Name The internal name of the CRL in the database ... Filename Each Item in a separate file Same encryption password for all items Export comment into PEM file Export Format %n selected item(s) All files ( * ) The file: '%1' already exists! Overwrite Do not overwrite The path: '%1' exist, but is not a file The path: '%1' exist, but is not a directory The directory: '%1' does not exist. Should it be created? Create Failed to create directory '%1' Directory Form last update next update Days Months Years Apply Midnight Local time No well-defined expiration Help << >> &Done ImportMulti Import PKI Items Import &All &Import &Done &Remove from list Details Delete from token Rename on token Name: %1 Model: %2 Serial: %3 Manage security token The type of the item '%1' is not recognized Could not open the default database The file '%1' did not contain PKI data The %1 files: '%2' did not contain PKI data ItemProperties Name Source Insertion date Comment KeyDetail Name The internal name of the key used by xca Security token Manufacturer Serial Key Public Exponent Keysize Private Exponent Security Token Label PKCS#11 ID Token information Model Fingerprint Comment Details of the %1 key Not available Available Sub prime Public key Private key Curve name Unknown key KeyTreeView Change password Reset password Change PIN Init PIN with SO PIN (PUK) Change SO PIN (PUK) Security token This is not a token Shall the original key '%1' be replaced by the key on the token? This will delete the key '%1' and make it unexportable Key export Private Keys ( *.pem *.der *.pk8 );; SSH Public Keys ( *.pub ) SSH Private Keys ( *.priv ) Microsoft PVK Keys ( *.pvk ) MainWindow Private Keys &New Key &Export &Import Import PFX (PKCS#12) &Show Details &Delete Certificate signing requests &New Request Certificates &New Certificate Import &PKCS#12 Import P&KCS#7 Plain View Templates &New Template &New CRL Ch&ange Template Revocation lists Using or exporting private keys will not be possible without providing the correct password The currently used default hash '%1' is insecure. Please select at least 'SHA 224' for security reasons. Recent DataBases System Croatian English French German Japanese Korean Russian Slovak Spanish Persian Bulgarian Polish Italian Chinese Dutch Portuguese in Brazil Indonesian Turkish Language &File Open Remote DataBase Set as default DataBase New DataBase Open DataBase Close DataBase Options Exit I&mport Keys Requests PKCS#12 PKCS#7 Template Revocation list PEM file Paste PEM file Token Export Certificate &Index hierarchy Content &Manage Security token &Init Security token &Change PIN Change &SO PIN Init PIN Extra &Dump DataBase &Export Certificate Index C&hange DataBase password &Undelete items Generate DH parameter OID Resolver &Help About Import PEM data Please enter the original SO PIN (PUK) of the token '%1' Search Please enter the new SO PIN (PUK) for the token '%1' The new label of the token '%1' The token '%1' did not contain any keys or certificates Retry with PIN Retry with SO PIN Current Password Please enter the current database password The entered password is wrong New Password Please enter the new password to encrypt your private keys in the database-file Transaction start failed Database: %1 The currently used PFX / PKCS#12 algorithm '%1' is insecure. Change Certificate Index ( index.txt ) All files ( * ) Diffie-Hellman parameters saved as: %1 Diffie-Hellman parameters are needed for different applications, but not handled by XCA. Please enter the DH parameter bits NewCrl Last update Next update Days Months Years Midnight Local time Apply Options CRL number Subject alternative name Revocation reasons Authority key identifier Hash algorithm Create CRL NewKey Please give a name to the new key and select the desired keysize Key properties Name The internal name of the new key Curve name Usually at least 2048 bit keys are recommended New Key Keysize Keytype Remember as default Create NewX509 Source Signing request Show request Sign this Certificate signing &request Copy extensions from the request Modify subject of the request Signing Create a &self signed certificate Use &this Certificate for signing All certificates in your database that can create valid signatures Signature algorithm Template for the new certificate All available templates Apply extensions Apply subject Apply all Subject Internal Name Distinguished name Add Delete Private key This list only contains unused keys Used keys too &Generate a new key Extensions Type If this will become a CA certificate or not Not defined Certification Authority End Entity Path length How much CAs may be below this. The basic constraints should always be critical Key identifier Creates a hash of the key following the PKIX guidelines Copy the Subject Key Identifier from the issuer Validity Not before Not after Time range Days Months Years Apply Set the time to 00:00:00 and 23:59:59 respectively Midnight Local time No well-defined expiration DNS: IP: URI: email: RID: Edit URI: Key usage Netscape Advanced Validate Comment This name is only used internally and does not appear in the resulting certificate Critical Create Certificate signing request minimum size: %1 maximum size: %1 only a-z A-Z 0-9 '()+,-./:=? only 7-bit clean characters Edit XCA template Create x509 Certificate Template '%1' applied Subject applied from template '%1' Extensions applied from template '%1' New key '%1' created Other Tabs Advanced Tab Errors From PKCS#10 request Error duplicate extensions The Name Constraints are invalid The Subject Alternative Name is invalid The Issuer Alternative Name is invalid The CRL Distribution Point is invalid The Authority Information Access is invalid Abort rollout The following length restrictions of RFC3280 are violated: Edit subject Continue rollout The verification of the Certificate request failed. The rollout should be aborted. Continue anyway The internal name and the common name are empty. Please set at least the internal name. Edit name There is no Key selected for signing. Select key The following distinguished name entries are empty: %1 though you have declared them as mandatory in the options menu. The key you selected for signing is not a private one. Select other signer Select other key The currently selected hash algorithm '%1' is insecure and should not be used. Select other algorithm Use algorithm anyway The certificate will be earlier valid than the signer. This is probably not what you want. Edit dates Adjust date and continue The certificate will be longer valid than the signer. This is probably not what you want. The certificate will be out of date before it becomes valid. You most probably mixed up both dates. The certificate contains invalid or duplicate extensions. Check the validation on the advanced tab. The certificate contains no extensions. You may apply the extensions of one of the templates to define the purpose of the certificate. The certificate contains invalid extensions. Edit extensions The subject alternative name shall contain a copy of the common name. However, the common name is empty. A name constraint of the issuer '%1' is violated: %2 Configfile error on line %1 OidResolver OID Resolver Enter the OID, the Nid, or one of the textual representations Search OID Long name OpenSSL internal ID Nid Short name OpenDb Open remote database Database type Hostname Username Password Database name Table prefix No SqLite3 driver available. Please install the qt-sqlite package of your distribution Options XCA Options Settings Default hash algorithm String types Suppress success messages Don't colorize expired certificates Translate established x509 terms (%1 -> %2) The hashing functionality of the token is not used by XCA. It may however honor a restricted hash-set propagated by the token. Especially EC and DSA are only defined with SHA1 in the PKCS#11 specification. Only use hashes supported by the token when signing with a token key Disable legacy Netscape extensions PKCS12 encryption algorithm Certificate expiry warning threshold Send vCalendar expiry reminder Serial number length bit Distinguished name Mandatory subject entries Add Delete Explicit subject entries Dynamically arrange explicit subject entries Default PKCS#11 provider Remove Search Printable string or UTF8 (default) PKIX recommendation in RFC2459 No BMP strings, only printable and T61 UTF8 strings only (RFC2459) All strings Days Weeks PwDialog The password is parsed as 2-digit hex code. It must have an even number of digits (0-9 and a-f) Take as HEX string Repeat %1 %1 mismatch Hex password must only contain the characters '0' - '9' and 'a' - 'f' and it must consist of an even number of characters Exit QObject Undefined Broken / Invalid in %1 seconds %1 seconds ago in %1 minutes %1 minutes ago Yesterday Tomorrow in %1 hours %1 hours ago Out of data Error finding endmarker of string All files ( * ) PKI Keys ( *.pem *.der *.key );; PKCS#8 Keys ( *.p8 *.pk8 );; Microsoft PVK Keys ( *.pvk );; SSH Public Keys ( *.pub );; Import RSA key PKCS#10 CSR ( *.pem *.der *.csr );; Import Request Certificates ( *.pem *.der *.crt *.cer );; Import X.509 Certificate PKCS#7 data ( *.p7s *.p7m *.p7b );; Import PKCS#7 Certificates PKCS#12 Certificates ( *.p12 *.pfx );; Import PKCS#12 Private Certificate XCA templates ( *.xca );; Import XCA Templates Revocation lists ( *.pem *.der *.crl );; Import Certificate Revocation List XCA Databases ( *.xdb );; Open XCA Database OpenVPN tls-auth key ( *.key );; Import OpenVPN tls-auth key PKCS#11 library ( *.dll );; PKCS#11 library ( *.dylib *.so );; PKCS#11 library ( *.so );; Open PKCS#11 shared library PEM files ( *.pem );; Load PEM encoded file Please enter the PIN on the PinPad Please enter the SO PIN (PUK) of the token %1 Please enter the PIN of the token %1 No Security token found Select Please enter the new SO PIN (PUK) for the token: '%1' Please enter the new PIN for the token: '%1' Required PIN size: %1 - %2 Disabled Library loading failed PKCS#11 function '%1' failed: %2 PKCS#11 function '%1' failed: %2 In library %3 %4 Invalid %1 is shorter than %2 bytes: '%3' %1 is longer than %2 bytes: '%3' String '%1' for '%2' contains invalid characters Error reading config file %1 at line %2 The Object '%1' from file %2 line %3 is already known as '%4:%5:%6' and should be removed. The identifier '%1' for OID %2 from file %3 line %4 is already used for a different OID as '%5:%6:%7' and should be changed to avoid conflicts. Unknown object '%1' in file %2 line %3 Failed to start a database transaction Country code State or Province Locality Organisation Organisational unit Common name E-Mail address Serial number Given name Surname Title Initials Description Role Pseudonym Generation Qualifier x500 Unique Identifier Name DN Qualifier Unstructured name Challenge password Basic Constraints Name Constraints Subject alternative name issuer alternative name Subject key identifier Authority key identifier Key usage Extended key usage CRL distribution points Authority information access Certificate type Base URL Revocation URL CA Revocation URL Certificate renewal URL CA policy URL SSL server name Comment Index file written to '%1' Index hierarchy written to '%1' Unknown key type %1 Failed to write PEM data to '%1' Password verify error, please try again The following error occurred: Failed to update the database schema to the current version Password insecure ReqTreeView Sign Unmark signed Mark signed Similar Request Certificate request export Certificate request ( *.pem *.der *.csr ) RevocationList Manage revocations Add Delete Edit No. Serial Revocation Reason Invalidation Generate CRL Revoke Certificate revocation Revocation details Revocation reason Local time Invalid since Serial SearchPkcs11 Directory ... Include subdirectories Search The following files are possible PKCS#11 libraries SelectToken Security token Please select the security token TempTreeView Duplicate Create certificate Create request copy Preset Template values Template export XCA Templates ( *.xca ) Validity yyyy-MM-dd hh:mm X509SuperTreeView Transform Template Public key XFile Error opening file: '%1': %2 Error rewinding file: '%1': %2 XcaDetail Import XcaTreeView Item properties Subject entries X509v3 Extensions Netscape extensions Key properties Reset Hide Column Details Columns Export Password Please enter the password to encrypt all %n exported private key(s) in: %1 Singular form for 0 or 1 item can be ignored. Will always be called with n >= 2 New Import Paste PEM data Rename Properties Delete Export Clipboard File Clipboard format database_model Please enter the password to access the database server %2 as user '%1'. Unable to create '%1': %2 The file '%1' is not an XCA database No SqLite3 driver available. Please install the qt-sqlite package of your distribution New Password Please enter a password, that will be used to encrypt your private keys in the database: %1 Password Please enter the password for unlocking the database: %1 db_base Internal name No. Primary key Database unique number Date Date of creation or insertion Source Generated, Imported, Transformed Comment First line of the comment field Import from: %1 Could not create directory %1 db_crl Signer Internal name of the signer No. revoked Number of revoked certificates Last update Next update CRL number The revocation list already exists in the database as: '%1' and so it was not imported Failed to initiate DB transaction Database error: %1 db_key Type Size EC Group Use Password The key is already in the database as: '%1' and is not going to be imported The database already contains the public part of the imported key as '%1 and will be completed by the new, private part of the key Extending public key from %1 by imported key '%2' Key size too small ! You are sure to create a key of the size: %1 ? Internal key update: The keys: %1 must be updated once by resetting and setting its private password Tried to change password of a token db_temp Bad template: %1 Empty template db_x509 CA reflects the basic Constraints extension Serial Start date Expiry date MD5 fingerprint SHA1 fingerprint SHA256 fingerprint Not before Not after Revocation CRL Expiration Failed to retrieve unique random serial The certificate already exists in the database as: '%1' and so it was not imported Signed on %1 by '%2' Unknown Invalid public key The key you selected for signing is not a private one. Failed to create directory '%1' Store the certificate to the key on the token '%1 (#%2)' ? There was no key found for the Certificate: '%1' Not possible for a token key: '%1' Not possible for the token-key Certificate '%1' db_x509name Subject Complete distinguished name Subject hash Hash to lookup certs in directories db_x509req Signed whether the request is already signed or not Unstructured name Challenge password Certificate count Number of certificates in the database with the same public key The certificate signing request already exists in the database as '%1' and thus was not stored db_x509super Key name Internal name of the key Signature algorithm Key type Key size EC Group Extracted from %1 '%2' Certificate Certificate request The following extensions were not ported into the template Transformed from %1 '%2' kvView Type Content pass_info Password PIN pkcs11_lib Failed to open PKCS11 library: %1: %2 This does not look like a PKCS#11 library. Symbol 'C_GetFunctionList' not found. pki_base Unknown Imported Generated Transformed Token Legacy Database Renewed Property '%1' not listed in 'pki_base::print' Internal error: Unexpected message: %1 %2 pki_crl Successfully imported the revocation list '%1' Successfully created the revocation list '%1' Delete the %n revocation list(s): '%1'? Unable to load the revocation list in file %1. Tried PEM and DER formatted CRL. No issuer given CRL Renewal of CA '%1' due The latest CRL issued by the CA '%1' will expire on %2. It is stored in the XCA database '%3' Renew CRL: %1 The XCA CRL '%1', issued on %3 will expire on %4. It is stored in the XCA database '%5' pki_evp Please enter the password to decrypt the private key %1. The key from file '%1' is incomplete or inconsistent. Please enter the password to decrypt the private key from file: %1 Unable to load the private key in file %1. Tried PEM and DER private, public, PKCS#8 key types and SSH2 format. Please enter the password to decrypt the private key: '%1' Password input aborted Please enter the database password for decrypting the key '%1' Decryption of private key '%1' failed Please enter the password to protect the private key: '%1' Please enter the database password for encrypting the key Please enter the password to protect the PKCS#8 key '%1' in file: %2 Please enter the password to protect the private key '%1' in file: %2 pki_export PEM Text format with headers PEM selected Concatenated list of all selected certificates in one PEM text file PEM chain Concatenated text format of the complete certificate chain in one PEM file The complete certificate chain and the private key of the selected certificate with tags usable in OpenVPN configuration files PEM + key Concatenation of the certificate and the unencrypted private key in one PEM file Concatenation of the certificate and the encrypted private key in PKCS#8 format in one file All unusable Concatenation of all expired or revoked certificates in one PEM file PKCS#7 encoded single certificate All selected certificates encoded in one PKCS#7 file PKCS #7 chain PKCS#7 encoded complete certificate chain PKCS #7 unusable PKCS#7 encoded collection of all expired or revoked certificates Binary DER encoded certificate PKCS #12 chain The complete certificate chain and the private key as encrypted PKCS#12 file PKCS #12 The certificate and the private key as encrypted PKCS#12 file Certificate Index file OpenSSL specific Certificate Index file as created by the 'ca' command and required by the OCSP tool vCalendar vCalendar expiry reminder for the selected items CA vCalendar vCalendar expiry reminder containing all issued, valid certificates, the CA itself and the latest CRL OpenSSL config OpenSSL configuration file to create a certificate or request with the openssl commandline tool OpenVPN tls-auth key The OpenVPN tls-auth key is a secret key shared between endpoints JSON Web Kit The public key of the certificate in JSON Web Kit format with X.509 Certificate Thumbprint (x5t) JSON Web Kit chain The public key of the certificate in JSON Web Kit format with X.509 Certificate Thumbprint (x5t) and certificate chain (x5c) PEM public Text format of the public key in one PEM file PEM private Unencrypted private key in text format PEM encrypted OpenSSL specific encrypted private key in text format SSH2 private SSH2 public The public key encoded in SSH2 format DER public Binary DER format of the public key DER private Unencrypted private key in binary DER format PVK private Private key in Microsoft PVK format not encrypted PKCS #8 encrypted Encrypted private key in PKCS#8 text format PKCS #8 Unencrypted private key in PKCS#8 text format JSON Web Key private Unencrypted private key in JSON Web Key format JSON Web Key public Public key in JSON Web Key format Binary DER format of the certificate request Binary DER format of the revocation list vCalendar reminder for the CRL expiry date XCA template in PEM-like format. Templates include the internal name and comment All selected XCA templates in PEM-like format. Templates include the internal name and comment pki_key Public key Successfully imported the %1 public key '%2' %1 will be replaced by 'RSA', 'DSA', 'EC'. %2 is the internal name of the key Delete the %n %1 public key(s) '%2'? %1 will be replaced by 'RSA', 'DSA', 'EC'. %2 is/are the internal name(s) of the key(s) Successfully imported the %1 private key '%2' %1 will be replaced by 'RSA', 'DSA', 'EC'. %2 is the internal name of the key Delete the %n %1 private key(s) '%2'? %1 will be replaced by 'RSA', 'DSA', 'EC'. %2 is/are the internal name(s) of the key(s) Successfully created the %1 private key '%2' %1 will be replaced by 'RSA', 'DSA', 'EC'. %2 is the internal name of the key Common Private Bogus PIN No password Unexpected SSH2 content: '%1' Invalid SSH2 public key Failed writing to %1 pki_multi No known PEM encoded items found pki_pkcs12 Please enter the password to decrypt the PKCS#12 file: %1 Unable to load the PKCS#12 (pfx) file %1. The supplied password was wrong (%1) Please enter the password to encrypt the key of certificate '%1' in the PKCS#12 file: %2 No key or no Cert and no pkcs12 pki_pkcs7 Unable to load the PKCS#7 file %1. Tried PEM and DER format. pki_scard Successfully imported the token key '%1' Successfully created the token key '%1' Delete the %n token key(s): '%1'? Delete the private key '%1' from the token '%2 (#%3)' ? This Key is already on the token PIN input aborted Unable to find copied key on the token Please insert card: %1 %2 [%3] with Serial: %4 Select Slot of %1 Unable to find generated key on card Token %1 Failed to find the key on the token Invalid Pin for the token Failed to initialize the key on the token pki_temp Successfully imported the XCA template '%1' Successfully created the XCA template '%1' Delete the %n XCA template(s): '%1'? Wrong Size %1 Template file content error (too small) Not a PEM encoded XCA Template Not an XCA Template, but '%1' pki_x509 Successfully imported the certificate '%1' Successfully created the certificate '%1' Delete the %n certificate(s): '%1'? Unable to load the certificate in file %1. Tried PEM and DER certificate. Invalid OpenVPN tls-auth key Failed to import tls-auth key Same tls-auth key already stored for this CA New tls-auth key successfully imported Existing tls-auth key successfully replaced This certificate is already on the security token Delete the certificate '%1' from the token '%2 (#%3)'? There is no key for signing ! No Yes Renew certificate: %1 The XCA certificate '%1', issued on %2 will expire on %3. It is stored in the XCA database '%4' pki_x509req Signing key not valid (public key) Successfully imported the PKCS#10 certificate request '%1' Delete the %n PKCS#10 certificate request(s): '%1'? Successfully created the PKCS#10 certificate request '%1' Unable to load the certificate request in file %1. Tried PEM, DER and SPKAC format. Signed Unhandled v3ext Copy Common Name Add Delete Apply Validate Cancel An email address or 'copy' An email address A registered ID: OBJECT IDENTIFIER A uniform resource indicator A DNS domain name or 'copycn' A DNS domain name An IP address Syntax: <OID>;TYPE:text like '1.2.3.4:UTF8:name' No editing. Only 'copy' allowed here Validation failed: '%1' %2 Validation successful: '%1' xcaWarningGui Copy to Clipboard