Table of Contents
Advertisement
Red Hat Certificate System 7.1 was comprised of a single large package. Red Hat Certificate System
7.2 has been modularized into numerous smaller packages to allow easier support by updating an ex-
isting package rather than the entire server. This has the additional advantage of allowing changes to
be more easily tracked through the operating system's package management database. For example,
32-bit Red Hat Enterprise Linux 4 version of Certificate System is comprised of the following nine
entry-point packages:
Package Name
rhpki-ca-7.2.0-1.noarch.rpm
rhpki-kra-7.2.0-1.noarch.rpm
rhpki-ocsp-7.2.0-1.noarch.rpm
rhpki-tks-7.2.0-1.noarch.rpm
rhpki-tps-7.2.0-1.i386.rpm
rhpki-console-7.2.0-1.noarch.rpm
rhpki-java-tools-7.2.0-1.noarch.rpm
rhpki-native-tools-7.2.0-1.i386.rpm
esc-1.0.0-16.i386.rpm
Table 1. Packages in Red Hat Certificate System 7.2
The new modular architecture is based upon standards such as the Filesystem Hierarchy Standard
(FHS) 2.3. This means that there is no longer an all-inclusive server root. Rather, Red Hat Certificate
System server functionality is implemented through distribution to appropriate locations within the op-
erating system. For example, 32-bit Red Hat Certificate System libraries are located under /usr/lib,
binaries are located under /usr/bin, and Java™ archives (jars) are located under /
usr/share/java.
In Red Hat Certificate System 7.1, the Java™-based tool startconsole was used to configure and
manage any server instance of Red Hat Certificate System. In Red Hat Certificate System 7.2, an
HTML-based configuration wizard is used to configure any new subsystem instance, while a utility
called pkiconsole is used to manage existing instances. The HTML configuration panels are indi-
vidually customized for subsystem type.
Red Hat Certificate System 7.1 used Netscape Enterprise Server as an integrated web server for all of
its HTTP/HTTPS transactions. Red Hat Fortitude provides a Network Security Services (NSS) module
to the Apache HTTP Server 2.0 and a Java™ Security Services (JSS) plug-in to Tomcat 5.5. The leg-
acy NES web server in CA, DRM, OCSP, and TKS subsystems has been replaced by Tomcat running
Fortitude, and the legacy NES web server in TPS subsystems has been replaced by Apache running
Fortitude.
Previously, Red Hat Directory Server was bundled and installed with Red Hat Certificate System. Red
Hat Certificate System 7.2 still requires a Red Hat Directory Server 7.1 (SP 3) installation for each
subsystem at configuration, but this server must be installed separately and before the Certificate Sys-
tem is installed.
New Features in Red Hat Certificate System 7.2
Package Description
Certificate Authority (CA)
Data Recovery Manager (DRM); also known as Key Recovery
Authority (KRA)
Online Certificate Status Protocol (OCSP) Responder
Token Key Service (TKS)
Token Processing System (TPS)
PKI Console
Java™-based command-line tools
Native command-line tools
Red Hat Enterprise Security Client
3
Advertisement
Table of Contents
Related Manuals for Red Hat CERTIFICATE SYSTEM 7.2 - RELEASE NOTES
Related Products for Red Hat CERTIFICATE SYSTEM 7.2 - RELEASE NOTES
- Red Hat CERTIFICATE SYSTEM 7.1 - ADMINSISTRATOR
- Red Hat CERTIFICATE 7.3 RELEASE NOTES
- Red Hat CERTIFICATE SYSTEM 8 - DEPLOYMENT
- Red Hat CERTIFICATE SYSTEM 8 - AGENTS GUIDE
- Red Hat CERTIFICATE 8.0 RELEASE NOTES
- Red Hat CERTIFICATE SYSTEM 8.0 - ADMINISTRATION
- Red Hat CERTIFICATE SYSTEM ENTERPRISE - SECURITY GUIDE
- Red Hat CLUSTER SUITE - CONFIGURING AND MANAGING A CLUSTER 2006