Desktop app
Install OpenCred Desktop, import or generate a signing key, and issue your first credential.
OpenCred Desktop is the interactive client for issuing and verifying credentials on macOS, Windows, and Linux. Issuer keys stay on your machine.
🧪 Beta. macOS shows a one-time security prompt on first launch — approve it under System Settings → Privacy & Security. Support: open an issue.
System requirements
Platform | Minimum version |
|---|---|
macOS | 12 (Monterey)+ |
Windows | 10+ (installer not currently shipped — see release page for status) |
Linux | Ubuntu 20.04+ |
Release builds have no runtime dependencies. For building from source: Node.js 20+, pnpm 9+.
Install
Download the latest installer for your platform from the public release page: github.com/nfh-trust-labs/opencred-releases/releases
macOS —
.dmgdisk imageLinux —
.AppImageor.deb
Each release ships a SHA256SUMS file. Verify integrity before running the installer:
# Linux sha256sum -c SHA256SUMS --ignore-missing # macOS shasum -a 256 -c SHA256SUMS --ignore-missing
From source
git clone <repo-url> cd opencred pnpm install pnpm build cd apps/desktop pnpm dev
First launch
If no keys are imported, the app opens the Onboarding Wizard. Otherwise it opens to the Home screen with the template gallery and credential history.
Onboarding wizard — three paths
Path 1 — I have a Digital Signature Certificate (DSC)
Choose your key source:
Option | Description |
|---|---|
Upload certificate file | Import PFX, PEM, JWK, or PKCS#8 DER files |
Hardware token | Connect PKCS#11 devices (YubiKey, smart cards) |
OS certificate store | Use macOS Keychain or Windows CNG certificates |
After import, a Key Details card shows: DID, algorithm, fingerprint, and source.
Path 2 — I want to get a DSC
CA integration for DSC acquisition. Coming soon.
Path 3 — Self-published keys (did:web)
Generate keys locally and publish your public key via did:web at .well-known/did.json on your domain. (Key management — publish, rotate, revoke — is covered in the in-app Key Management guide and the DeDi key registry model.)
Issue your first credential
Click a template (e.g. Education Credential) on the Home screen.
Fill in the subject fields (name, degree, institution, date conferred).
Select your signing key.
Click Build & Sign.
Export as JSON, PDF, or QR code.
Then
Verifying credentials — verify offline, by QR, PDF, or paste.
Docker image & API — the same engine, headless, for automation.
Security model — how keys are handled.