CaPropertiesCA PropertiesDays until next CRL issuingDefault templateCertDetailDetails of the CertificateSerialThe serial number of the certificateThe internal name of the certificate in the databaseStatusInternal nameSignatureKeyFingerprintsMD5An md5 hashsum of the certificateSHA1A SHA-1 hashsum of the certificateSHA256A SHA-256 hashsum of the certificateValidityThe time since the certificate is validThe time until the certificate is validSubjectIssuerExtensionsCommentAttributesShow configShow extensionsShow public keyThis key is not in the database.Not availableSigner unknownSelf signedRevoked at %1Not validValidDetails of the certificate signing requestCertExtendCertificate renewalThis will create a new certificate as a copy of the old one with a new serial number and adjusted validity values.ValidityNot beforeNot afterTime rangeLocal timeDaysMonthsYearsNo well-defined expirationMidnightApplyRevoke old certificateKeep serial numberThe certificate will be earlier valid than the signer. This is probably not what you want.Edit datesAbort rolloutContinue rolloutAdjust date and continueThe certificate will be longer valid than the signer. This is probably not what you want.CertTreeViewImport PKCS#12Import from PKCS#7RequestSecurity tokenOther tokenSimilar CertificateDelete from Security tokenCAPropertiesGenerate CRLManage revocationsRenewalRevokeUnrevokeClickLabelDouble click for detailsCrlDetailDetails of the Revocation list&StatusVersionSignatureSigned byNameThe internal name of the CRL in the databaseissuing datesNext updateLast update&Issuer&Extensions&Revocation listCommentFailedUnknown signerVerification not possibleExportDialogNameThe internal name of the CRL in the database...FilenameExport comment into PEM fileExport FormatAll files ( * )PEM Text format with headersConcatenated list of all selected items in one PEM text fileConcatenated text format of the complete certificate chain in one PEM fileConcatenated text format of all certificates in one PEM fileBinary DER encoded filePKCS#7 encoded single certificatePKCS#7 encoded complete certificate chainConcatenated text format of all unrevoked certificates in one PEM fileAll unrevoked certificates encoded in one PKCS#7 fileAll selected certificates encoded in one PKCS#7 fileAll certificates encoded in one PKCS#7 fileThe certificate and the private key as encrypted PKCS#12 fileThe complete certificate chain and the private key as encrypted PKCS#12 fileConcatenation of the certificate and the unencrypted private key in one PEM fileConcatenation of the certificate and the encrypted private key in PKCS#8 format in one fileText format of the public key in one PEM fileBinary DER format of the public keyUnencrypted private key in text formatOpenSSL specific encrypted private key in text formatUnencrypted private key in binary DER formatUnencrypted private key in PKCS#8 text formatEncrypted private key in PKCS#8 text formatThe public key encoded in SSH2 formatOpenSSL specific Certificate Index file as created by the 'ca' command and required by the OCSP toolvCalendar expiry reminder for the selected itemsvCalendar expiry reminder containing all issued, valid certificates, the CA itself and the latest CRLThe file: '%1' already exists!OverwriteDo not overwriteHelp<<>>&DoneImportMultiImport PKI ItemsImport &All&Import&Done&Remove from listDetailsDelete from tokenRename on token
Name: %1
Model: %2
Serial: %3Manage security tokenDetails of the item '%1' cannot be shownThe type of the item '%1' is not recognizedThe file '%1' did not contain PKI dataThe %1 files: '%2' did not contain PKI dataItemPropertiesNameSourceInsertion dateCommentKeyDetailNameThe internal name of the key used by xcaSecurity tokenManufacturerSerialKeyPublic ExponentKeysizePrivate ExponentSecurity TokenLabelPKCS#11 IDToken informationModelFingerprintCommentDetails of the %1 keyNot availableAvailableSub primePublic keyPrivate keyCurve nameUnknown keyKeyTreeViewChange passwordReset passwordChange PINInit PIN with SO PIN (PUK)Change SO PIN (PUK)Security tokenThis is not a tokenShall the original key '%1' be replaced by the key on the token?
This will delete the key '%1' and make it unexportableMainWindowPrivate Keys&New Key&Export&ImportImport PFX (PKCS#12)&Show Details&DeleteCertificate signing requests&New RequestCertificates&New CertificateImport &PKCS#12Import P&KCS#7Plain ViewTemplates&New Template&New CRLCh&ange TemplateRevocation listsUsing or exporting private keys will not be possible without providing the correct passwordDatabaseThe currently used default hash '%1' is insecure. Please select at least 'SHA 224' for security reasons.Legacy database format detected. Creating a backup copy called: '%1' and converting the database to the new formatFailed to rename the database file, because the target already existsNo deleted items foundRecent DataBasesSystemCroatianEnglishFrenchGermanRussianSlovakSpanishPolishItalianChineseDutchPortuguese in BrazilTurkishLanguage&FileOpen Remote DataBaseSet as default DataBaseNew DataBaseOpen DataBaseClose DataBaseOptionsExitI&mportKeysRequestsPKCS#12PKCS#7TemplateRevocation listPEM filePaste PEM fileTokenExport Certificate &Index hierarchyContent&Manage Security token&Init Security token&Change PINChange &SO PINInit PINExtra&Dump DataBase&Export Certificate IndexC&hange DataBase password&Undelete itemsGenerate DH parameterOID Resolver&HelpAboutno such option: %1Import PEM dataPlease enter the original SO PIN (PUK) of the token '%1'SearchPlease enter the new SO PIN (PUK) for the token '%1'The new label of the token '%1'The token '%1' did not contain any keys or certificatesCurrent PasswordPlease enter the current database passwordThe entered password is wrongNew PasswordPlease enter the new password to encrypt your private keys in the database-fileTransaction start failedPlease enter a password, that will be used to encrypt your private keys in the database:
%1Password verify error, please try againPasswordPlease enter the password for unlocking the database:
%1The following error occurred:Copy to ClipboardCertificate Index ( index.txt )All files ( * )Diffie-Hellman parameters saved as: %1Diffie-Hellman parameters are needed for different applications, but not handled by XCA.
Please enter the DH parameter bitsNewCrlLast updateNext updateDaysMonthsYearsMidnightLocal timeApplyOptionsCRL numberSubject alternative nameRevocation reasonsAuthority key identifierHash algorithmNewKeyPlease give a name to the new key and select the desired keysizeKey propertiesNameThe internal name of the new keyCurve nameUsually at least 2048 bit keys are recommendedNew KeyKeysizeKeytypeRemember as defaultCreateNewX509SourceSigning requestShow requestSign this Certificate signing &requestCopy extensions from the requestModify subject of the requestSigningCreate a &self signed certificateUse &this Certificate for signingAll certificates in your database that can create valid signaturesSignature algorithmTemplate for the new certificateAll available templatesApply extensionsApply subjectApply allSubjectInternal NameDistinguished nameAddDeletePrivate keyThis list only contains unused keysUsed keys too&Generate a new keyExtensionsTypeIf this will become a CA certificate or notNot definedCertification AuthorityEnd EntityPath lengthHow much CAs may be below this.The basic constraints should always be criticalKey identifierCreates a hash of the key following the PKIX guidelinesCopy the Subject Key Identifier from the issuerValidityNot beforeNot afterTime rangeDaysMonthsYearsApplySet the time to 00:00:00 and 23:59:59 respectivelyMidnightLocal timeNo well-defined expirationDNS: IP: URI: email: RID:EditURI:Key usageNetscapeAdvancedValidateCommentThis name is only used internally and does not appear in the resulting certificateCriticalCreate Certificate signing requestminimum size: %1maximum size: %1only a-z A-Z 0-9 '()+,-./:=?only 7-bit clean charactersEdit XCA templateCreate x509 CertificateTemplate '%1' appliedSubject applied from template '%1'Extensions applied from template '%1'New key '%1' createdOther TabsAdvanced TabErrorsFrom PKCS#10 requestAbort rolloutThe following length restrictions of RFC3280 are violated:Edit subjectContinue rolloutThe verification of the Certificate request failed.
The rollout should be aborted.Continue anywayThe internal name and the common name are empty.
Please set at least the internal name.Edit nameThere is no Key selected for signing.Select keyThe following distinguished name entries are empty:
%1
though you have declared them as mandatory in the options menu.The key you selected for signing is not a private one.Select other signerSelect other keyThe certificate will be earlier valid than the signer. This is probably not what you want.Edit datesAdjust date and continueThe certificate will be longer valid than the signer. This is probably not what you want.The certificate will be out of date before it becomes valid. You most probably mixed up both dates.The certificate contains invalid or duplicate extensions. Check the validation on the advanced tab.The certificate contains no extensions. You may apply the extensions of one of the templates to define the purpose of the certificate.Edit extensionsThe subject alternative name shall contain a copy of the common name. However, the common name is empty.Configfile error on line %1
OidResolverOID ResolverEnter the OID, the Nid, or one of the textual representationsSearchOIDLong nameOpenSSL internal IDNidShort nameOpenDbOpen remote databaseDatabase typeHostnameUsernamePasswordDatabase nameTable prefixNo SqLite3 driver available. Please install the qt-sqlite package of your distributionPlease enter the password to access the database server %2 as user '%1'.The database driver does not support transactions. This may happen if the client and server have different versions. Continue with care.OptionsXCA OptionsSettingsDefault hash algorithmString typesSuppress success messagesDon't colorize expired certificatesTranslate established x509 terms (%1 -> %2)The hashing functionality of the token is not used by XCA.
It may however honor a restricted hash-set propagated by the token.
Especially EC and DSA are only defined with SHA1 in the PKCS#11 specification.Only use hashes supported by the token when signing with a token keyDisable legacy Netscape extensionsCertificate expiry warning thresholdSend vCalendar expiry reminderSerial number length bitDistinguished nameMandatory subject entriesAddDeleteExplicit subject entriesDynamically arrange explicit subject entriesDefaultPKCS#11 providerRemoveSearchPrintable string or UTF8 (default)PKIX recommendation in RFC2459No BMP strings, only printable and T61UTF8 strings only (RFC2459)All stringsDaysWeeksPwDialogThe password is parsed as 2-digit hex code. It must have an even number of digits (0-9 and a-f)Take as HEX stringRepeat %1%1 mismatchHex password must only contain the characters '0' - '9' and 'a' - 'f' and it must consist of an even number of charactersE&xitQObjectUndefinedBroken / Invalidin %1 seconds%1 seconds agoin %1 minutes%1 minutes agoYesterdayTomorrowin %1 hours%1 hours agoDB: Rename: '%1' already in useDB: Entry to rename not found: %1DB: Write error %1 - %2Out of dataError finding endmarker of stringOut of Memory at %1:%2All files ( * )Import RSA keyPKI Keys ( *.pem *.der *.key );; PKCS#8 Keys ( *.p8 *.pk8 );; SSH Public Keys ( *.pub );;PKCS#10 CSR ( *.pem *.der *.csr );; Import RequestCertificates ( *.pem *.der *.crt *.cer );;Import X.509 CertificatePKCS#7 data ( *.p7s *.p7m *.p7b );;Import PKCS#7 CertificatesPKCS#12 Certificates ( *.p12 *.pfx );;Import PKCS#12 Private CertificateXCA templates ( *.xca );;Import XCA TemplatesRevocation lists ( *.pem *.der *.crl );;Import Certificate Revocation ListXCA Databases ( *.xdb );;Open XCA DatabasePKCS#11 library ( *.dll );;PKCS#11 library ( *.dylib *.so );;PKCS#11 library ( *.so );;Open PKCS#11 shared libraryPEM files ( *.pem );;Load PEM encoded filePlease enter the PIN on the PinPadPlease enter the SO PIN (PUK) of the token %1Please enter the PIN of the token %1No Security token foundSelectPlease enter the new SO PIN (PUK) for the token: '%1'Please enter the new PIN for the token: '%1'Required PIN size: %1 - %2Failed to open PKCS11 library: %1: %2This does not look like a PKCS#11 library. Symbol 'C_GetFunctionList' not found.DisabledLibrary loading failedPKCS#11 function '%1' failed: %2PKCS#11 function '%1' failed: %2
In library %3
%4Invalid%1 is shorter than %2 bytes: '%3'%1 is longer than %2 bytes: '%3'String '%1' for '%2' contains invalid charactersError reading config file %1 at line %2The Object '%1' from file %2 line %3 is already known as '%4:%5:%6' and should be removed.The identifier '%1' for OID %2 from file %3 line %4 is already used for a different OID as '%5:%6:%7' and should be changed to avoid conflicts.Unknown object '%1' in file %2 line %3Failed to start a database transactionReqTreeViewSignUnmark signedMark signedSimilar RequestRevocationListManage revocationsAddDeleteEditNo.SerialRevocationReasonInvalidationGenerate CRLRevokeCertificate revocationRevocation detailsRevocation reasonLocal timeInvalid sinceSerialSearchPkcs11Directory...Include subdirectoriesSearchThe following files are possible PKCS#11 librariesSelectTokenSecurity tokenPlease select the security tokenTempTreeViewDuplicateCreate certificateCreate requestcopyValidityyyyy-MM-dd hh:mmX509SuperTreeViewOpenSSL configTransformTemplatePublic keyXcaTreeViewSubject entriesX509v3 ExtensionsNetscape extensionsResetHide ColumnDetailsColumnsNewImportPaste PEM dataRenamePropertiesDeleteExportClipboardFiledb_baseInternal nameNo.Primary keyDatabase unique numberDateDate of creation or insertionSourceGenerated, Imported, TransformedCommentFirst line of the comment fieldCould not create directory %1Item propertiesHow to export the %1 selected itemsAll in one PEM fileEach item in one fileSave %1 items in one file asPEM files ( *.pem );; All files ( * )db_crlSignerInternal name of the signerNo. revokedNumber of revoked certificatesLast updateNext updateCRL numberThe revocation list already exists in the database as:
'%1'
and so it was not importedRevocation list exportCRL ( *.pem *.der *.crl )There are no CA certificates for CRL generationSelect CA certificateCreate CRLFailed to initiate DB transactionDatabase error: %1db_keyTypeSizeEC GroupUsePasswordThe key is already in the database as:
'%1'
and is not going to be importedThe database already contains the public part of the imported key as
'%1
and will be completed by the new, private part of the keyExtending public key from %1 by imported key '%2'Key size too small !You are sure to create a key of the size: %1 ?PEM publicSSH2 publicPEM privateExport keys to ClipboardClipboardExport public key [%1]DER publicDER privatePEM encrypedPKCS#8 encryptedExport private key [%1]Private Keys ( *.pem *.der *.pk8 );; SSH Public Keys ( *.pub )Tried to change password of a tokendb_tempBad template: %1Empty templatePreset Template valuesSave template asXCA templates ( *.xca );; All files ( * )db_x509CAreflects the basic Constraints extensionSerialStart dateExpiry dateMD5 fingerprintSHA1 fingerprintSHA256 fingerprintNot beforeNot afterRevocationCRL ExpirationPlain ViewTree ViewFailed to retrieve unique random serialThe certificate already exists in the database as:
'%1'
and so it was not importedSigned on %1 by '%2'UnknownInvalid public keyPKCS#7 unrevokedPEM unrevokedvCalendarCA vCalendardaysNo templateThe key you selected for signing is not a private one.Store the certificate to the key on the token '%1 (#%2)' ?PEM chainPKCS#7 chainPKCS#12 chainPKCS#7 allPEM + keyPEM allCertificate Index fileCertificate exportX509 Certificates ( *.pem *.cer *.crt *.p12 *.p7b )There was no key found for the Certificate: '%1'Not possible for a token key: '%1'Not possible for the token-key Certificate '%1'db_x509nameSubjectComplete distinguished nameSubject hashHash to lookup certs in directoriesdb_x509reqSignedwhether the request is already signed or notUnstructured nameChallenge passwordCertificate countNumber of certificates in the database with the same public keyThe certificate signing request already exists in the database as
'%1'
and thus was not storedCertificate request exportCertificate request ( *.pem *.der *.csr )db_x509superKey nameInternal name of the keySignature algorithmExtracted from %1 '%2'CertificateCertificate requestSave as OpenSSL configConfig files ( *.conf *.cnf);; All files ( * )The following extensions were not ported into the templateTransformed from %1 '%2'kvViewTypeContentpass_infoPasswordPINpki_baseError opening file: '%1': %2UnknownImportedGeneratedTransformedTokenLegacy DatabaseRenewedInternal error: Unexpected message: %1 %2pki_crlSuccessfully imported the revocation list '%1'Delete the revocation list '%1'?Successfully created the revocation list '%1'Delete the %1 revocation lists: %2?Unable to load the revocation list in file %1. Tried PEM and DER formatted CRL.No issuer givenWrong Size %1Renew CRL: %1The XCA CRL '%1', issued by the CA '%2' on %3 will expire on %4.
It is stored in the XCA database '%5'pki_evpFailed to decrypt the key (bad password) %1Please enter the password to decrypt the private key.The key from file '%1' is incomplete or inconsistent.Please enter the password to decrypt the private key from file:
%1Unable to load the private key in file %1. Tried PEM and DER private, public, PKCS#8 key types and SSH2 format.Ignoring unsupported private keyPlease enter the password to decrypt the private key: '%1'Password input abortedPlease enter the database password for decrypting the key '%1'Please enter the password to protect the private key: '%1'Please enter the database password for encrypting the keyPlease enter the password protecting the PKCS#8 key '%1'Please enter the export password for the private key '%1'pki_keySuccessfully imported the %1 public key '%2'Delete the %1 public key '%2'?Successfully imported the %1 private key '%2'Delete the %1 private key '%2'?Successfully created the %1 private key '%2'Delete the %1 keys: %2?Public keyCommonPrivateBogusPINNo passwordUnexpected SSH2 content: '%1'Invalid SSH2 public keyFailed writing to %1pki_multiNo known PEM encoded items foundpki_pkcs12Please enter the password to decrypt the PKCS#12 file:
%1Unable to load the PKCS#12 (pfx) file %1.The supplied password was wrong (%1)Please enter the password to encrypt the PKCS#12 fileNo key or no Cert and no pkcs12pki_pkcs7Unable to load the PKCS#7 file %1. Tried PEM and DER format.pki_scardSuccessfully imported the token key '%1'Delete the token key '%1'?Successfully created the token key '%1'Delete the %1 keys: %2?Delete the private key '%1' from the token '%2 (#%3)' ?This Key is already on the tokenPIN input abortedUnable to find copied key on the tokenPlease insert card: %1 %2 [%3] with Serial: %4Illegal Key generation methodUnable to find generated key on cardIgnoring unsupported token keyWrong Size %1Token %1Failed to find the key on the tokenInvalid Pin for the tokenFailed to initialize the key on the tokenpki_tempSuccessfully imported the XCA template '%1'Delete the XCA template '%1'?Successfully created the XCA template '%1'Delete the %1 XCA templates: %2?Wrong Size %1Template file content error (too small)Not a PEM encoded XCA TemplateNot an XCA Template, but '%1'pki_x509Successfully imported the certificate '%1'Delete the certificate '%1'?Successfully created the certificate '%1'Delete the %1 certificates: %2?Unable to load the certificate in file %1. Tried PEM and DER certificate.This certificate is already on the security tokenDelete the certificate '%1' from the token '%2 (#%3)'?There is no key for signing !Wrong Size %1NoYesRenew certificate: %1The XCA certificate '%1', issued on %2 will expire on %3.
It is stored in the XCA database '%4'CRL Renewal of CA '%1' dueThe latest CRL issued by the CA '%1' will expire on %2.
It is stored in the XCA database '%3'pki_x509reqSigning key not valid (public key)Successfully imported the %1 certificate request '%2'Delete the %1 certificate request '%2'?Successfully created the %1 certificate request '%2'Delete the %1 certificate requests: %2?Unable to load the certificate request in file %1. Tried PEM, DER and SPKAC format.Wrong Size %1SignedUnhandledv3extCopy Common NameAddDeleteApplyValidateCancelAn email address or 'copy'An email addressA registered ID: OBJECT IDENTIFIERA uniform resource indicatorA DNS domain name or 'copycn'A DNS domain nameAn IP addressSyntax: <OID>;TYPE:text like '1.2.3.4:UTF8:name'No editing. Only 'copy' allowed hereValidation failed:
'%1'
%2Validation successful:
'%1'