Red Hat Certificate System is an enterprise software system that gives you a scalable, secure framework to establish and maintain trusted identities and keep communications private.
Red Hat Certificate System provides certificate life-cycle management-issue, renew, suspend, revoke, archive and recover, and manage single and dual-key X.509v3 certificates needed to handle strong authentication, single sign-on, and secure communications.
The upstream release is called Dogtag.
Everything is installed on one (1) VM or physical machine but some preparation is needed prior to starting this workshop.
Red Hat Enterprise Linux 7 (fully patched)
RHDS (rhel-7-server-rhds) and RHCS (rhel-7-server-rhcmsys-9-rpms) entitlements
Clone this repository
git clone https://gitlab.consulting.redhat.com/pki/pki-workshop.git
Add /etc/hosts entries (IPs can be changed)
192.168.124.10 ds1.redhat.example.com
192.168.124.11 ca1.redhat.example.com
Configure separate interfaces with above IPs. Can be virtual.
Firewall rules
firewall-cmd --permanent --add-service=ldap
firewall-cmd --permanent --add-service=ldaps
firewall-cmd --permanent --add-port=8080/tcp
firewall-cmd --permanent --add-port=8443/tcp
firewall-cmd --reload
Ready to get started? Start the first lesson Unit 1: Installing Directory Server.
Links
| CS Deployment Guide | CS Administration Guide | CS CLI Guide |
| DS Deployment Guide | DS Installation Guide | DS Administration Guide |
| Dogtag Wiki |