[Freeipa-users] FreeIPA vs DogTag CA
Rob Crittenden
rcritten at redhat.com
Thu Aug 11 15:54:25 UTC 2016
Kamal Perera wrote:
> Dear all,
>
> Seeking your kind advices.
>
> If the requirement is for having a scalable corporate CA only, is it
> possible to get this requirement fulfilled with DogTag only, or install
> FreeIPA and use the CA functionality only.
IPA limits dogtag to only those features it is interested in. This has
been expanding recently but you still lose some functionality.
IMHO if all you want is a CA then managing IPA is overkill.
> What are the functional differences and support limitations?
Functionally it depends on what version of IPA you're talking about.
Older versions only exposed server certificates. Newer versions support
user certifications, custom profiles and more. It is still just a subset
of what dogtag supports.
Support from whom? The dogtag community is happy to help (they've always
helped us).
rob
More information about the Freeipa-users
mailing list