CaPropertiesCA PropertiesDays until next CRL issuingDefault templateCertDetailDetails of the CertificateSerialThe serial number of the certificateThe internal name of the certificate in the databaseStatusInternal nameSignatureKeyFingerprintsMD5An md5 hashsum of the certificateSHA1A SHA-1 hashsum of the certificateSHA256A SHA-256 hashsum of the certificateValidityThe time since the certificate is validThe time until the certificate is validSubjectIssuerExtensionsCommentAttributesShow configShow extensionsShow public keyThis key is not in the database.Not availableSigner unknownSelf signedRevoked at %1Not validValidDetails of the certificate signing requestCertExtendCertificate renewalThis will create a new certificate as a copy of the old one with a new serial number and adjusted validity values.ValidityNot beforeNot afterTime rangeLocal timeDaysMonthsYearsNo well-defined expirationMidnightApplyRevoke old certificateKeep serial numberThe certificate will be earlier valid than the signer. This is probably not what you want.Edit datesAbort rolloutContinue rolloutAdjust date and continueThe certificate will be longer valid than the signer. This is probably not what you want.CertTreeViewImport PKCS#12Import from PKCS#7RequestSecurity tokenOther tokenSimilar CertificateDelete from Security tokenCAPropertiesGenerate CRLManage revocationsRenewalRevokeUnrevokePlain ViewTree ViewClickLabelDouble click for detailsCrlDetailDetails of the Revocation list&StatusVersionSignatureSigned byNameThe internal name of the CRL in the databaseissuing datesNext updateLast update&Issuer&Extensions&Revocation listCommentFailedUnknown signerVerification not possibleCrlTreeViewThere are no CA certificates for CRL generationSelect CA certificateExportDialogNameThe internal name of the CRL in the database...FilenameExport comment into PEM fileExport FormatAll files ( * )PEM Text format with headersConcatenated list of all selected items in one PEM text fileConcatenated text format of the complete certificate chain in one PEM fileConcatenated text format of all certificates in one PEM fileBinary DER encoded filePKCS#7 encoded single certificatePKCS#7 encoded complete certificate chainConcatenated text format of all unrevoked certificates in one PEM fileAll unrevoked certificates encoded in one PKCS#7 fileAll selected certificates encoded in one PKCS#7 fileAll certificates encoded in one PKCS#7 fileThe certificate and the private key as encrypted PKCS#12 fileThe complete certificate chain and the private key as encrypted PKCS#12 fileConcatenation of the certificate and the unencrypted private key in one PEM fileConcatenation of the certificate and the encrypted private key in PKCS#8 format in one fileText format of the public key in one PEM fileBinary DER format of the public keyUnencrypted private key in text formatOpenSSL specific encrypted private key in text formatUnencrypted private key in binary DER formatUnencrypted private key in PKCS#8 text formatEncrypted private key in PKCS#8 text formatThe public key encoded in SSH2 formatOpenSSL specific Certificate Index file as created by the 'ca' command and required by the OCSP toolvCalendar expiry reminder for the selected itemsvCalendar expiry reminder containing all issued, valid certificates, the CA itself and the latest CRLPrivate key in Microsoft PVK format not encryptedEncrypted private key in Microsoft PVK formatThe file: '%1' already exists!OverwriteDo not overwriteHelp<<>>&DoneImportMultiImport PKI ItemsImport &All&Import&Done&Remove from listDetailsDelete from tokenRename on token
Name: %1
Model: %2
Serial: %3Manage security tokenDetails of the item '%1' cannot be shownThe type of the item '%1' is not recognizedThe file '%1' did not contain PKI dataThe %1 files: '%2' did not contain PKI dataItemPropertiesNameSourceInsertion dateCommentKeyDetailNameThe internal name of the key used by xcaSecurity tokenManufacturerSerialKeyPublic ExponentKeysizePrivate ExponentSecurity TokenLabelPKCS#11 IDToken informationModelFingerprintCommentDetails of the %1 keyNot availableAvailableSub primePublic keyPrivate keyCurve nameUnknown keyKeyTreeViewChange passwordReset passwordChange PINInit PIN with SO PIN (PUK)Change SO PIN (PUK)Security tokenThis is not a tokenShall the original key '%1' be replaced by the key on the token?
This will delete the key '%1' and make it unexportableMainWindowPrivate Keys&New Key&Export&ImportImport PFX (PKCS#12)&Show Details&DeleteCertificate signing requests&New RequestCertificates&New CertificateImport &PKCS#12Import P&KCS#7Plain ViewTemplates&New Template&New CRLCh&ange TemplateRevocation listsUsing or exporting private keys will not be possible without providing the correct passwordDatabaseThe currently used default hash '%1' is insecure. Please select at least 'SHA 224' for security reasons.Recent DataBasesSystemCroatianEnglishFrenchGermanJapaneseRussianSlovakSpanishPolishItalianChineseDutchPortuguese in BrazilTurkishLanguage&FileOpen Remote DataBaseSet as default DataBaseNew DataBaseOpen DataBaseClose DataBaseOptionsExitI&mportKeysRequestsPKCS#12PKCS#7TemplateRevocation listPEM filePaste PEM fileTokenExport Certificate &Index hierarchyContent&Manage Security token&Init Security token&Change PINChange &SO PINInit PINExtra&Dump DataBase&Export Certificate IndexC&hange DataBase password&Undelete itemsGenerate DH parameterOID Resolver&HelpAboutImport PEM dataPlease enter the original SO PIN (PUK) of the token '%1'SearchPlease enter the new SO PIN (PUK) for the token '%1'The new label of the token '%1'The token '%1' did not contain any keys or certificatesCurrent PasswordPlease enter the current database passwordThe entered password is wrongNew PasswordPlease enter the new password to encrypt your private keys in the database-fileTransaction start failedCertificate Index ( index.txt )All files ( * )Diffie-Hellman parameters saved as: %1Diffie-Hellman parameters are needed for different applications, but not handled by XCA.
Please enter the DH parameter bitsNewCrlLast updateNext updateDaysMonthsYearsMidnightLocal timeApplyOptionsCRL numberSubject alternative nameRevocation reasonsAuthority key identifierHash algorithmCreate CRLNewKeyPlease give a name to the new key and select the desired keysizeKey propertiesNameThe internal name of the new keyCurve nameUsually at least 2048 bit keys are recommendedNew KeyKeysizeKeytypeRemember as defaultCreateNewX509SourceSigning requestShow requestSign this Certificate signing &requestCopy extensions from the requestModify subject of the requestSigningCreate a &self signed certificateUse &this Certificate for signingAll certificates in your database that can create valid signaturesSignature algorithmTemplate for the new certificateAll available templatesApply extensionsApply subjectApply allSubjectInternal NameDistinguished nameAddDeletePrivate keyThis list only contains unused keysUsed keys too&Generate a new keyExtensionsTypeIf this will become a CA certificate or notNot definedCertification AuthorityEnd EntityPath lengthHow much CAs may be below this.The basic constraints should always be criticalKey identifierCreates a hash of the key following the PKIX guidelinesCopy the Subject Key Identifier from the issuerValidityNot beforeNot afterTime rangeDaysMonthsYearsApplySet the time to 00:00:00 and 23:59:59 respectivelyMidnightLocal timeNo well-defined expirationDNS: IP: URI: email: RID:EditURI:Key usageNetscapeAdvancedValidateCommentThis name is only used internally and does not appear in the resulting certificateCriticalCreate Certificate signing requestminimum size: %1maximum size: %1only a-z A-Z 0-9 '()+,-./:=?only 7-bit clean charactersEdit XCA templateCreate x509 CertificateTemplate '%1' appliedSubject applied from template '%1'Extensions applied from template '%1'New key '%1' createdOther TabsAdvanced TabErrorsFrom PKCS#10 requestAbort rolloutThe following length restrictions of RFC3280 are violated:Edit subjectContinue rolloutThe verification of the Certificate request failed.
The rollout should be aborted.Continue anywayThe internal name and the common name are empty.
Please set at least the internal name.Edit nameThere is no Key selected for signing.Select keyThe following distinguished name entries are empty:
%1
though you have declared them as mandatory in the options menu.The key you selected for signing is not a private one.Select other signerSelect other keyThe currently selected hash algorithm '%1' is insecure and should not be used.Select other algorithmUse algorithm anywayThe certificate will be earlier valid than the signer. This is probably not what you want.Edit datesAdjust date and continueThe certificate will be longer valid than the signer. This is probably not what you want.The certificate will be out of date before it becomes valid. You most probably mixed up both dates.The certificate contains invalid or duplicate extensions. Check the validation on the advanced tab.The certificate contains no extensions. You may apply the extensions of one of the templates to define the purpose of the certificate.Edit extensionsThe subject alternative name shall contain a copy of the common name. However, the common name is empty.Configfile error on line %1
OidResolverOID ResolverEnter the OID, the Nid, or one of the textual representationsSearchOIDLong nameOpenSSL internal IDNidShort nameOpenDbOpen remote databaseDatabase typeHostnameUsernamePasswordDatabase nameTable prefixNo SqLite3 driver available. Please install the qt-sqlite package of your distributionOptionsXCA OptionsSettingsDefault hash algorithmString typesSuppress success messagesDon't colorize expired certificatesTranslate established x509 terms (%1 -> %2)The hashing functionality of the token is not used by XCA.
It may however honor a restricted hash-set propagated by the token.
Especially EC and DSA are only defined with SHA1 in the PKCS#11 specification.Only use hashes supported by the token when signing with a token keyDisable legacy Netscape extensionsCertificate expiry warning thresholdSend vCalendar expiry reminderSerial number length bitDistinguished nameMandatory subject entriesAddDeleteExplicit subject entriesDynamically arrange explicit subject entriesDefaultPKCS#11 providerRemoveSearchPrintable string or UTF8 (default)PKIX recommendation in RFC2459No BMP strings, only printable and T61UTF8 strings only (RFC2459)All stringsDaysWeeksPwDialogThe password is parsed as 2-digit hex code. It must have an even number of digits (0-9 and a-f)Take as HEX stringPasswordRepeat %1%1 mismatchHex password must only contain the characters '0' - '9' and 'a' - 'f' and it must consist of an even number of charactersExitQMessageBoxOkCloseCancelApplyYesNoQObjectUndefinedBroken / Invalidin %1 seconds%1 seconds agoin %1 minutes%1 minutes agoYesterdayTomorrowin %1 hours%1 hours agoOut of dataError finding endmarker of stringOut of Memory at %1:%2All files ( * )PKI Keys ( *.pem *.der *.key );; PKCS#8 Keys ( *.p8 *.pk8 );; Microsoft PVK Keys ( *.pvk );; SSH Public Keys ( *.pub );;Import RSA keyPKCS#10 CSR ( *.pem *.der *.csr );; Import RequestCertificates ( *.pem *.der *.crt *.cer );;Import X.509 CertificatePKCS#7 data ( *.p7s *.p7m *.p7b );;Import PKCS#7 CertificatesPKCS#12 Certificates ( *.p12 *.pfx );;Import PKCS#12 Private CertificateXCA templates ( *.xca );;Import XCA TemplatesRevocation lists ( *.pem *.der *.crl );;Import Certificate Revocation ListXCA Databases ( *.xdb );;Open XCA DatabasePKCS#11 library ( *.dll );;PKCS#11 library ( *.dylib *.so );;PKCS#11 library ( *.so );;Open PKCS#11 shared libraryPEM files ( *.pem );;Load PEM encoded filePlease enter the PIN on the PinPadPlease enter the SO PIN (PUK) of the token %1Please enter the PIN of the token %1No Security token foundSelectPlease enter the new SO PIN (PUK) for the token: '%1'Please enter the new PIN for the token: '%1'Required PIN size: %1 - %2Invalid filename: %1Failed to open PKCS11 library: %1: %2This does not look like a PKCS#11 library. Symbol 'C_GetFunctionList' not found.DisabledLibrary loading failedPKCS#11 function '%1' failed: %2PKCS#11 function '%1' failed: %2
In library %3
%4Invalid%1 is shorter than %2 bytes: '%3'%1 is longer than %2 bytes: '%3'String '%1' for '%2' contains invalid charactersError reading config file %1 at line %2The Object '%1' from file %2 line %3 is already known as '%4:%5:%6' and should be removed.The identifier '%1' for OID %2 from file %3 line %4 is already used for a different OID as '%5:%6:%7' and should be changed to avoid conflicts.Unknown object '%1' in file %2 line %3Failed to start a database transactionCountry codeState or ProvinceLocalityOrganisationOrganisational unitCommon nameE-Mail addressSerial numberGiven nameSurnameTitleInitialsDescriptionRolePseudonymGeneration Qualifierx500 Unique IdentifierNameDN QualifierUnstructured nameChallenge passwordBasic ConstraintsSubject alternative nameissuer alternative nameSubject key identifierAuthority key identifierKey usageExtended key usageCRL distribution pointsAuthority information accessCertificate typeBase URLRevocation URLCA Revocation URLCertificate renewal URLCA policy URLSSL server nameCommentIndex file written to '%1'Index hierarchy written to '%1'Unknown key type %1Password verify error, please try againReqTreeViewSignUnmark signedMark signedSimilar RequestRevocationListManage revocationsAddDeleteEditNo.SerialRevocationReasonInvalidationGenerate CRLRevokeCertificate revocationRevocation detailsRevocation reasonLocal timeInvalid sinceSerialSearchPkcs11Directory...Include subdirectoriesSearchThe following files are possible PKCS#11 librariesSelectTokenSecurity tokenPlease select the security tokenTempTreeViewDuplicateCreate certificateCreate requestcopyPreset Template valuesValidityyyyy-MM-dd hh:mmX509SuperTreeViewOpenSSL configTransformTemplatePublic keyXcaTreeViewSubject entriesX509v3 ExtensionsNetscape extensionsKey propertiesResetHide ColumnDetailsColumnsNewImportPaste PEM dataRenamePropertiesDeleteExportClipboardFiledatabase_modelLegacy database format detected. Creating a backup copy called: '%1' and converting the database to the new formatFailed to rename the database file, because the target already existsPlease enter the password to access the database server %2 as user '%1'.Unable to create '%1': %2The file '%1' is not an XCA databaseNo SqLite3 driver available. Please install the qt-sqlite package of your distributionNew PasswordPlease enter a password, that will be used to encrypt your private keys in the database:
%1PasswordPlease enter the password for unlocking the database:
%1db_baseInternal nameNo.Primary keyDatabase unique numberDateDate of creation or insertionSourceGenerated, Imported, TransformedCommentFirst line of the comment fieldImport from: %1Could not create directory %1Item propertiesHow to export the %1 selected itemsAll in one PEM fileEach item in one fileSave %1 items in one file asPEM files ( *.pem );; All files ( * )db_crlSignerInternal name of the signerNo. revokedNumber of revoked certificatesLast updateNext updateCRL numberThe revocation list already exists in the database as:
'%1'
and so it was not importedRevocation list exportCRL ( *.pem *.der *.crl )Failed to initiate DB transactionDatabase error: %1db_keyTypeSizeEC GroupUsePasswordThe key is already in the database as:
'%1'
and is not going to be importedThe database already contains the public part of the imported key as
'%1
and will be completed by the new, private part of the keyExtending public key from %1 by imported key '%2'Key size too small !You are sure to create a key of the size: %1 ?PEM publicSSH2 publicPEM privateSSH2 privateExport keys to ClipboardClipboardExport public key [%1]DER publicDER privatePEM encrypedPVK privatePVK encryptedPKCS#8 encryptedExport private key [%1]Private Keys ( *.pem *.der *.pk8 );; SSH Public Keys ( *.pub )Internal errorTried to change password of a tokendb_tempBad template: %1Empty templateSave template asXCA templates ( *.xca );; All files ( * )db_x509CAreflects the basic Constraints extensionSerialStart dateExpiry dateMD5 fingerprintSHA1 fingerprintSHA256 fingerprintNot beforeNot afterRevocationCRL ExpirationFailed to retrieve unique random serialThe certificate already exists in the database as:
'%1'
and so it was not importedSigned on %1 by '%2'UnknownInvalid public keyPKCS#7 unrevokedPEM unrevokedvCalendarCA vCalendarX509 Certificates ( *.pem *.cer *.crt *.p12 *.pfx *.p7b )daysNo templateThe key you selected for signing is not a private one.Failed to create directory '%1'Store the certificate to the key on the token '%1 (#%2)' ?PEM chainPKCS#7 chainPKCS#12 chainPKCS#7 allPEM + keyPEM allCertificate Index fileCertificate exportThere was no key found for the Certificate: '%1'Not possible for a token key: '%1'Not possible for the token-key Certificate '%1'db_x509nameSubjectComplete distinguished nameSubject hashHash to lookup certs in directoriesdb_x509reqSignedwhether the request is already signed or notUnstructured nameChallenge passwordCertificate countNumber of certificates in the database with the same public keyThe certificate signing request already exists in the database as
'%1'
and thus was not storedCertificate request exportCertificate request ( *.pem *.der *.csr )db_x509superKey nameInternal name of the keySignature algorithmKey typeKey sizeEC GroupExtracted from %1 '%2'CertificateCertificate requestSave as OpenSSL configConfig files ( *.conf *.cnf);; All files ( * )The following extensions were not ported into the templateTransformed from %1 '%2'kvViewTypeContentpass_infoPasswordPINpki_baseUnknownImportedGeneratedTransformedTokenLegacy DatabaseRenewedProperty '%1' not listed in 'pki_base::print'Internal error: Unexpected message: %1 %2pki_crlSuccessfully imported the revocation list '%1'Delete the revocation list '%1'?Successfully created the revocation list '%1'Delete the %1 revocation lists: %2?Unable to load the revocation list in file %1. Tried PEM and DER formatted CRL.No issuer givenWrong Size %1CRL Renewal of CA '%1' dueThe latest CRL issued by the CA '%1' will expire on %2.
It is stored in the XCA database '%3'Renew CRL: %1The XCA CRL '%1', issued on %3 will expire on %4.
It is stored in the XCA database '%5'pki_evpPlease enter the password to decrypt the private key %1.The key from file '%1' is incomplete or inconsistent.Please enter the password to decrypt the private key from file:
%1Unable to load the private key in file %1. Tried PEM and DER private, public, PKCS#8 key types and SSH2 format.Ignoring unsupported private keyPlease enter the password to decrypt the private key: '%1'Password input abortedPlease enter the database password for decrypting the key '%1'Please enter the password to protect the private key: '%1'Please enter the database password for encrypting the keyPlease enter the password protecting the PKCS#8 key '%1'Please enter the password protecting the Microsoft PVK key '%1'Please enter the export password for the private key '%1'pki_keySuccessfully imported the %1 public key '%2'Delete the %1 public key '%2'?Successfully imported the %1 private key '%2'Delete the %1 private key '%2'?Successfully created the %1 private key '%2'Delete the %1 keys: %2?Public keyCommonPrivateBogusPINNo passwordUnexpected SSH2 content: '%1'Invalid SSH2 public keyFailed writing to %1pki_multiNo known PEM encoded items foundpki_pkcs12Please enter the password to decrypt the PKCS#12 file:
%1Unable to load the PKCS#12 (pfx) file %1.The supplied password was wrong (%1)Please enter the password to encrypt the PKCS#12 fileNo key or no Cert and no pkcs12pki_pkcs7Unable to load the PKCS#7 file %1. Tried PEM and DER format.pki_scardSuccessfully imported the token key '%1'Delete the token key '%1'?Successfully created the token key '%1'Delete the %1 keys: %2?Delete the private key '%1' from the token '%2 (#%3)' ?This Key is already on the tokenPIN input abortedUnable to find copied key on the tokenPlease insert card: %1 %2 [%3] with Serial: %4Unable to find generated key on cardIgnoring unsupported token keyWrong Size %1Token %1Failed to find the key on the tokenInvalid Pin for the tokenFailed to initialize the key on the tokenpki_tempSuccessfully imported the XCA template '%1'Delete the XCA template '%1'?Successfully created the XCA template '%1'Delete the %1 XCA templates: %2?Wrong Size %1Template file content error (too small)Not a PEM encoded XCA TemplateNot an XCA Template, but '%1'pki_x509Successfully imported the certificate '%1'Delete the certificate '%1'?Successfully created the certificate '%1'Delete the %1 certificates: %2?Unable to load the certificate in file %1. Tried PEM and DER certificate.This certificate is already on the security tokenDelete the certificate '%1' from the token '%2 (#%3)'?There is no key for signing !Wrong Size %1NoYesRenew certificate: %1The XCA certificate '%1', issued on %2 will expire on %3.
It is stored in the XCA database '%4'pki_x509reqSigning key not valid (public key)Successfully imported the %1 certificate request '%2'Delete the %1 certificate request '%2'?Successfully created the %1 certificate request '%2'Delete the %1 certificate requests: %2?Unable to load the certificate request in file %1. Tried PEM, DER and SPKAC format.Wrong Size %1SignedUnhandledv3extCopy Common NameAddDeleteApplyValidateCancelAn email address or 'copy'An email addressA registered ID: OBJECT IDENTIFIERA uniform resource indicatorA DNS domain name or 'copycn'A DNS domain nameAn IP addressSyntax: <OID>;TYPE:text like '1.2.3.4:UTF8:name'No editing. Only 'copy' allowed hereValidation failed:
'%1'
%2Validation successful:
'%1'xcaWarningThe following error occurred:Copy to Clipboard