Jump to letter: [
3ABCDEFGHIJKLMNOPQRSTVWXYZ
]
pki-ca - Certificate System - Certificate Authority
- Description:
The Certificate Authority (CA) is a required PKI subsystem which issues,
renews, revokes, and publishes certificates as well as compiling and
publishing Certificate Revocation Lists (CRLs).
The Certificate Authority can be configured as a self-signing Certificate
Authority, where it is the root CA, or it can act as a subordinate CA,
where it obtains its own signing certificate from a public CA.
This package is one of the top-level java-based Tomcat PKI subsystems
provided by the PKI Core used by the Certificate System.
==================================
|| ABOUT "CERTIFICATE SYSTEM" ||
==================================
Certificate System (CS) is an enterprise software system designed
to manage enterprise Public Key Infrastructure (PKI) deployments.
PKI Core contains ALL top-level java-based Tomcat PKI components:
* pki-symkey
* pki-base
* pki-base-python2 (alias for pki-base)
* pki-base-python3
* pki-base-java
* pki-tools
* pki-server
* pki-ca
* pki-kra
* pki-ocsp
* pki-tks
* pki-tps
* pki-javadoc
which comprise the following corresponding PKI subsystems:
* Certificate Authority (CA)
* Key Recovery Authority (KRA)
* Online Certificate Status Protocol (OCSP) Manager
* Token Key Service (TKS)
* Token Processing Service (TPS)
Python clients need only install the pki-base package. This
package contains the python REST client packages and the client
upgrade framework.
Java clients should install the pki-base-java package. This package
contains the legacy and REST Java client packages. These clients
should also consider installing the pki-tools package, which contain
native and Java-based PKI tools and utilities.
Certificate Server instances require the fundamental classes and
modules in pki-base and pki-base-java, as well as the utilities in
pki-tools. The main server classes are in pki-server, with subsystem
specific Java classes and resources in pki-ca, pki-kra, pki-ocsp etc.
Finally, if Certificate System is being deployed as an individual or
set of standalone rather than embedded server(s)/service(s), it is
strongly recommended (though not explicitly required) to include at
least one PKI Theme package:
* dogtag-pki-theme (Dogtag Certificate System deployments)
* dogtag-pki-server-theme
* redhat-pki-server-theme (Red Hat Certificate System deployments)
* redhat-pki-server-theme
* customized pki theme (Customized Certificate System deployments)
* <customized>-pki-server-theme
NOTE: As a convenience for standalone deployments, top-level meta
packages may be provided which bind a particular theme to
these certificate server packages.
Packages
pki-ca-10.3.3-19.el7_3.noarch
[495 KiB] |
Changelog
by Dogtag Team (2017-05-19):
- ## RHEL 7.3.z Batch Update 6
- Bugzilla Bug #1447095 - RHCS 9.1 RC5 CA in the certificate profiles the
startTime parameter is not working as expected. (jmagne)
|
pki-ca-10.3.3-18.el7_3.noarch
[494 KiB] |
Changelog
by Dogtag Team (2017-03-06):
- ## RHEL 7.3.z Batch Update 4
- Bugzilla Bug #1429492 - Add profile component that copies CN to SAN
(ftweedal)
|
pki-ca-10.3.3-16.el7_3.noarch
[493 KiB] |
Changelog
by Dogtag Team (2016-12-15):
- Separate original patches into RHEL and RHCS portions
- ## RHEL 7.3.z Batch Update 2
- Bugzilla Bug #1404176 - logging properties and man pages (edewata)
- Bugzilla Bug #1405328 - TPS throws "err=6" when attempting to format and
enroll G&D Cards (jmagne)
- ## RHCS 9.1.z Batch Update 2
- Bugzilla Bug #1395479 - TPS throws "err=6" when attempting to format and
enroll G&D Cards (jmagne)
- Bugzilla Bug #1404900 - RHCS logging properties (edewata)
|
pki-ca-10.3.3-14.el7_3.noarch
[492 KiB] |
Changelog
by Dogtag Team (2016-11-08):
- Marked the following RHCS 9.1.z bug:
Bugzilla Bug #1382862 - TPS token enrollment fails to setupSecureChannel
when TPS and TKS security db is on fips mode. (jmagne)
as a duplicate of RHEL 7.3.z bug:
Bugzilla Bug #1389757 - Problems with FIPS mode (edewata)
and moved the patch from the RHCS 9.1.z bug to the RHEL 7.3.z bug.
|