The Internal Database
Each instance of CS uses a Red Hat Directory Server instance as its internal database. When
you install a CS instance, an internal database is created for that instance. The install
program also allows you to share a directory server between two or more instances.
You can change the internal database used by a CS instance. This section describes how to
change that instance and how to restrict access to the internal database.
CAUTION The internal database schema is preconfigured for storing CS data only. Do
not make any changes to it or configure CS to use any other LDAP
directory. Doing so can result in loss of data. Also, do not use this database
for any other purpose.
About the Internal Database
CS performs various certificate and key-management functions in response to the requests
it receives. These functions include the following:
• Storing and retrieving of certificate issuance requests
• Storing and retrieving of certificate records
• Storing of CRLs
• Storing of ACLs
• Storing of privileged user and role information
• Storing and retrieving of end users' encryption private key records
To fulfill these functions, CS maintains a persistent store—a preconfigured Red Hat
Directory Server—referred to as the internal database or local database. The internal
database is installed automatically as a part of the CS installation. It is used as an embedded
database exclusively by CS and can be managed using Directory management tools that
come with Red Hat Directory Server.
The Directory Server instance used for the internal database is different from the
LDAP-compliant directory that you use to manage your corporate-wide data (users and
groups, their certificates, CRLs, and so on).
Chapter 8
Administrative Basics