Libraries; Working With The Registration Authority; Configuring Additional Ra Instances - Red Hat CERTIFICATE SYSTEM 7.3 - ADMINISTRATION Administration Manual

5.2.5. Libraries

The RA also provides the following Perl libraries to facilitate the creation of custom enrollment
workflows:
Library
PKI::Base::CertStore
(/var/lib/rhpki-ra/
lib/perl/PKI/Base/
CertStore)
PKI::Base::PinStore (/
var/lib/rhpki-ra/lib/
perl/PKI/Base/PinStore)
PKI::Base::PinStore
(/var/lib/rhpki-ra/
lib/perl/PKI/Base/
UserStore)
PKI::Conn::CA (/var/
lib/rhpki-ra/lib/perl/
PKI/Conn/CA)
PKI::Request::Queue (/
var/lib/rhpki-ra/lib/
perl/PKI/Request/Queue)
Table 5.3. Perl libraries available for creating enrollment work flow
In the RA, the CGI that handles the SCEP request is running at http://example.com:12888/ee/scep/
pkiclient.cgi
Note
The RA only supports CA mode over SCEP.

5.3. Working With the Registration Authority

The following sections describe how to work with the Registration Authority, including listing, adding
and deleting users and groups, and associating users with groups. They also describe how to add new
Agents and Administrators.
Additional topics describe how to submit CSRs and to perform SCEP, Server, User, and Agent
Enrollment requests.

5.3.1. Configuring Additional RA Instances

The following sections describe how to add and configure additional RA instances to an existing
security domain.
By default, when you install an RA, it is automatically added to a default Registration Managers Group
on the CA. This means the default RA instance will have the correct identification information for
authentication and authorization.
Description
Perl interface to access the certificate store in the RA.
Perl interface to access the one-time PIN store.
Perl interface to access the user and group database.
Perl interface to access the CA for enrollment.
Perl interface to access the request queue in the RA.
Libraries
143