dogtagpki / Pki
Programming Languages
Projects that are alternatives of or similar to Pki
Dogtag PKI
The Dogtag Certificate System is an enterprise-class open source Certificate Authority (CA). It is a full-featured system, and has been hardened by real-world deployments. It supports all aspects of certificate lifecycle management, including key archival, OCSP and smartcard management, and much more.
There are 6 different subsystems included in the Dogtag PKI suite:
- Certificate Authority (CA) subsystem
- Key Recovery Authority (KRA) subsystem
- Online Certificate Status Protocol (OCSP) subsystem
- Token Key Service (TKS) subsystem
- Token Processing System (TPS) subsystem
- ACME Responder
Documentation
The best place to start learning about the product is the Dogtag PKI Wiki
Installing
Fedora
To install the whole Dogtag PKI suite:
sudo dnf install dogtag-pki
To install individual subsystems:
sudo dnf install pki-ca pki-kra pki-ocsp pki-tks pki-tps
To install web UI theme packages:
sudo dnf install dogtag-pki-server-theme dogtag-pki-console-theme
Deploying
After successful installation of the packages, follow the below steps to deploy intended subsystems:
For other types of deployments (Sub-CA, Clones, HSMs, etc) please see under docs/installation
Building
Fedora/CentOS/RHEL
Prerequisites
sudo dnf install dnf-plugins-core rpm-build git
# NOTE: Use the intendended branch name instead of "master" to pull right dependency version
sudo dnf copr enable @pki/master
sudo dnf builddep pki.spec
Build Procedure
After successfully installing the prerequisites, the project can be built with a one-line command:
./build.sh
The built RPMS will be placed in ~/build/pki/
directory.
See also Building PKI
Testing
Test | Status |
---|---|
CA | |
KRA | |
OCSP | |
TKS | |
TPS | |
ACME | |
Python | |
Tools | |
QE | |
IPA |
Contributing
There are multiple ways for you to be part of this project. Please see CONTRIBUTING to learn more.
Contact
You can reach the Dogtag PKI team over the #dogtag-pki channel on freenode.net. Note that you need to be a registered user to message on this channel. You can also send an email to [email protected].
See also Contact Us