Table of Contents
Advertisement
Chapter 1.
Overview of Certificate System
Subsystems
Red Hat Certificate System is a highly configurable set of components which create and manage
certificates and keys at every point of the certificate lifecycle. Certificate System is based on open
standards so that it effectively creates a scalable, customizable, and robust public-key infrastructure
(PKI).
Certificate System has subsystems which discretely handle different PKI management functions.
These subsystems interact in flexibly established ways to manage certificates and to manage tokens.
1.1. Subsystems for Managing Certificates
Up to four Certificate System subsystems work together to manage certificates:
• Certificate Manager, a certificate authority (CA) which issues, renews, and revokes certificates and
publishes certificate revocation lists (CRLs)
• Data Recovery Manager (DRM), which archives and recovers keys
• Online Certificate Status Manager (OCSP), which processes requests for certificates' revocation
status
• Registration Authority (RA), which validates and approves certificate requests locally and then
forwards approval to the CA to issue the certificates
1
Advertisement
Table of Contents
