The Dogtag Certificate System is an enterprise-class open source Certificate Authority (CA). It is a full-featured system, and has been hardened by real-world deployments. It supports all aspects of certificate lifecycle management, including key archival, OCSP and smartcard management, and much more.
There are 6 different subsystems included in the Dogtag PKI suite:
The best place to start learning about the product is the Dogtag PKI Wiki
To install the whole Dogtag PKI suite:
sudo dnf install dogtag-pki
To install individual subsystems:
sudo dnf install pki-ca pki-kra pki-ocsp pki-tks pki-tps
To install web UI theme packages:
sudo dnf install dogtag-pki-theme
After successful installation of the packages, follow the below steps to deploy intended subsystems:
For other types of deployments (Sub-CA, Clones, HSMs, etc) please see under docs/installation
sudo dnf install dnf-plugins-core rpm-build git # NOTE: Use the intendended branch name instead of "master" to pull right dependency version sudo dnf copr enable @pki/master sudo dnf builddep pki.spec
After successfully installing the prerequisites, the project can be built with a one-line command:
The built RPMS will be placed in
See also Building PKI
There are multiple ways for you to be part of this project. Please see CONTRIBUTING to learn more.
See Contact Us.