Before installing EJBCA, review this list of required software to be installed. 

Java
OpenJDK 11Supported and recommended.
OpenJDK 17

Using Java 17 requires an application server that supports it, such as WildFly 26+.

If installing EJBCA Community Edition on Java 17, the PKCS11CryptoToken does not work due to the access-control boundaries defined by the JDK module system. To overcome the issue and avoid getting exceptions while creating the PKCS#11 token in EJBCA, the Java process that runs the application server is passed the JAVA_OPTS parameter "--add-exports=jdk.crypto.cryptoki/sun.security.pkcs11.wrapper=ALL-UNNAMED"

The following shows an example of adding the JAVA_OPTS parameter to a typical WildFly installation:

echo -e "\nJAVA_OPTS=\"\$JAVA_OPTS --add-exports=jdk.crypto.cryptoki/sun.security.pkcs11.wrapper=ALL-UNNAMED\"" >> /opt/wildfly/bin/standalone.conf
BASH

OpenJDK is available for both Linux and Windows. 

There are also commercial JDK versions available, which may work but are not regularly regression tested by PrimeKey.

The Oracle JDK (starting April 16, 2019) is one example of a commercial JDK. For more information, see Oracle Java SE Support Roadmap and Java SE Development Kit 8 Downloads

Application Server
JBoss EAP 7.4JBoss EAP 7.4 is currently recommended. See Application Servers.
WildFlyWildFly 26 is currently recommended. See Application Servers. WildFly makes frequent releases, and newer versions usually work well, but may not be regularly tested by PrimeKey.
Databases
MariaDB, MySQL et alEJBCA supports multiple relational databases such as MariaDB, MySQL, Oracle Database, PostgreSQL and others. MariaDB and MySQL are recommended. For more information, see Creating the Database.
Build Tool
Apache Ant 1.9.8 or later

JavaScript support may be needed in Ant for some components.

Next Step

Next, configure properties prior to the installation according to information in Managing EJBCA Configurations.