Dogtag Certificate System
Summary
Dogtag Certificate System is an enterprise-class open source Certificate Authority (CA) supporting all aspects of certificate lifecycle management including key archival, OCSP and smartcard management.
Owner
- Name: Scott Haines
- email: shaines AT redhat DOT com
Current status
- Targeted release: Fedora 13
- Last updated: 01-22-2010
- Percentage of completion: 98%
Detailed Description
Details can be found here.
Benefit to Fedora
All new feature. Full featured open source PKI comprised of 6 major subsystems (25 packages):
- Certificate Authority (CA)
- Data Recovery Manager (DRM)
- OCSP Manager (OCSP)
- Registration Authority (RA)
- Token Key Service (TKS)
- Token Processing System (TPS)
Package List:
- tomcatjss
- osutil (x86, x86_64, ppc, ppc64)
- pki-symkey (x86, x86_64, ppc, ppc64)
- pki-native-tools (x86, x86_64, ppc, ppc64)
- pki-util
- pki-util-javadoc
- pki-java-tools
- pki-java-tools-javadoc
- pki-selinux
- pki-setup
- dogtag-pki-common-ui
- pki-common
- pki-common-javadoc
- pki-silent
- dogtag-pki-ca-ui
- pki-ca
- dogtag-pki-kra-ui
- pki-kra
- dogtag-pki-ocsp-ui
- pki-ocsp
- dogtag-pki-tks-ui
- pki-tks
- dogtag-pki-ra-ui
- pki-ra
- dogtag-pki-tps-ui
- pki-tps (x86, x86_64, ppc, ppc64)
- pki-tps-devel
- dogtag-pki-console-ui
- pki-console
Scope
- Code complete. Awaiting Package Review on three remaining packages.
- FIXME: state which packages still need reviews
How To Test
FIXME section is incomplete
Hardware Requirements
System Prep
Testing
Expected Results
User Experience
FIXME
Dependencies
BuildRequires
Build-time packages already included in Fedora:
- ant
- apr-devel
- apr-util-devel
- cyrus-sasl-devel
- httpd-devel >= 2.2.3
- idm-console-framework
- java-devel >= 1:1.6.0
- jpackage-utils
- jss >= 4.2.6
- ldapjdk
- m4
- make
- mozldap-devel
- nspr-devel >= 4.6.99
- nss-devel >= 3.12.3.99
- pcre-devel
- pkgconfig
- policycoreutils
- selinux-policy-devel
- svrcore-devel
- tomcat5
- velocity
- xalan-j2
- xerces-j2
- zlib
- zlib-devel
Build-time Dogtag packages new to Fedora:
- osutil
- pki-common
- pki-symkey
- pki-util
- tomcatjss
Requires
Runtime packages already included in Fedora:
- idm-console-framework
- java >= 1:1.6.0
- jpackage-utils
- jss >= 4.2.6
- ldapjdk
- mod_nss >= 1.0.7
- mod_perl
- mod_perl >= 1.99_16
- mozldap
- mozldap >= 6.0.2
- mozldap-tools
- nss >= 3.12.3.99
- nss-tools >= 3.12.3.99
- perl-DBD-SQLite
- perl-DBI
- perl-HTML-Parser
- perl-HTML-Tagset
- perl-Parse-RecDescent
- perl-URI
- perl-XML-NamespaceSupport
- perl-XML-Parser
- perl-XML-Simple
- policycoreutils
- selinux-policy-targeted
- sendmail
- sqlite
- tomcat5
- velocity
- xalan-j2
- xerces-j2
Runtime Dogtag packages new to Fedora:
- osutil
- pki-ca-ui
- pki-common
- pki-common-ui
- pki-console-ui
- pki-java-tools
- pki-kra-ui
- pki-native-tools
- pki-ocsp-ui
- pki-ra-ui
- pki-selinux
- pki-setup
- pki-silent
- pki-symkey
- pki-tks-ui
- pki-tps-ui
- pki-util
- tomcatjss
Top-level Dogtag packages new to Fedora:
- pki-ca
- pki-console
- pki-kra
- pki-ocsp
- pki-ra
- pki-tks
- pki-tps
Dogtag Subpackages new to Fedora:
- osutil-debuginfo
- pki-common-javadoc
- pki-java-tools-javadoc
- pki-native-tools-debuginfo
- pki-symkey-debuginfo
- pki-tps-debuginfo
- pki-tps-devel
- pki-util-javadoc
Contingency Plan
In it's current state, Dogtag will work.<--FIXME: this is unclear... revert to previous working version?
Documentation
- Documentation can be found here.
Release Notes
- Release Notes can be found here.