Are you trying to setup a Public Key Infrastructure (PKI) to issue digital certificates? If so, EJBCA is one of the two best free and open-source software (FOSS) products for this. If all you're looking for is a
Java library to do certificate-based authentication within your applications, then BouncyCastle is probably the best FOSS for that.
Arshad Noor
StrongAuth, Inc.