Managing Certificates; Certificate Overview; Types Of Certificates - Red Hat CERTIFICATE SYSTEM 7.3 - ADMINISTRATION Administration Manual

Chapter 11.

Managing Certificates

This chapter gives an overview of using certificates: what types and formats are available, how to
request and create them through the HTML end-entity forms and through the Certificate System
Console, and how to install certificates in the Certificate System and on different clients. Additionally,
there is information on managing certificates through the Console and configuring the servers to use
them.
NOTE
For information on revoking certificates and creating CRLs, see
and CRLs.
For information on publishing certificates and CRLs, see

11.1. Certificate Overview

The Certificate System is capable of generating different types of certificates for different uses and
in different formats. Planning which certificates are required and planning how to manage them are
important to manage both the PKI and the Certificate System instances.
Section 11.1.1, "Types of Certificates"
•
Section 11.1.2, "Determining Which Certificates to Install"
•
Section 11.1.3, "Certificate Data Formats"
•
Section 11.1.4, "Certificate Setup Wizard"
•

11.1.1. Types of Certificates

There are several different types of certificates that can be created and requested through the
Certificate System, depending on the functions for which the certificate will be used. The following are
some of the major certificates that are used:
• CA signing certificates
• OCSP signing certificates
• CRL signing certificates
• DRM transport certificates
• DRM storage certificates
• SSL server certificates
• SSL client certificates
• User certificates
• Dual key pairs/certificates
• Cross-pair certificates
Chapter 14, Revocation
Chapter 15, Publishing.
225