XML Key Management Service (XKMS)

Available in CXF 3.0.0.

Use case

CXF uses asymmetric algorithms for different purposes: encryption of symmetric keys and payloads, signing security tokens and messages, proof of possession.
Normally the public keys (in form of X509 certificates) are stored in java keystores.

...

• only X509 certificates are supported as keys;
• only LDAP and File based backends are supported;validate operations checks expiration date, but doesn't validate trusted chain;
• revocation lists are not implemented;
• more integration tests are required