[Pki-users] DogTag CS for CentOS or later Fedora Versions

pki tech techpkiuser at gmail.com
Mon Oct 1 05:13:23 UTC 2012 

John,

Thanks. Had a quick look at the project. Seems nice and will dig deep.


On Thu, Sep 27, 2012 at 7:03 PM, John Dennis <jdennis at redhat.com> wrote:

> On 09/27/2012 04:24 AM, pki tech wrote:
>
>> Hi all,
>>
>> Im planning to go for a Large scale CA implementation with Current
>> DogTag release 9.0 on Fedora 15. But the main worry that i have is the
>> Fedora Support Cycle, which makes an doubt on the security of the
>> Systems at the long run.
>>
>> Are there anyone who has successfully deployed a complete CA, OCSP and
>> RA based solution on CentOS platform? If so I can continue my
>> implementations with CentOS. What I found while googling was there are
>> package issues while deploying DogTag over CentOS.
>>
>> Although the main site says DogTag 9.0 is tested for up to only Fedora
>> 15, I found rpms for the subsystems pki-ca, pki-ocsp and pki-ra in other
>> Fedora repositories for example Fedora 16. So will it be possible to
>> have a stable PKI infrastructure over Fedora 16 with DogTag 9.0 (DogTag
>> 10 is still in alpha stage)
>>
>> In the meantime I'm locally testing all the functionalities of DogTag
>> 9.0 over Fedora 16 and CentOS. Will update as I progress.
>>
>
> The IPA project (www.freeipa.org) uses dogtag as a core component of it's
> infrastructure. On Fedora IPA is known as freeipa and on RHEL (CentOS is a
> RHEL clone) it's known as just ipa. IPA is a critical component of many new
> deployments (RHEL, Fedora, and hopefully soon others) and since dogtag
> heavily is used by IPA you can be assured it's getting a lot attention and
> will run well on our targeted distributions (especially RHEL and it's
> derivatives).
>
> I'm not sure what you plan to use dogtag for, but IPA may give a much
> friendlier way to access the functionality found in dogtag, as well as a
> host of other features.
>
> The packaging issues you refer to are likely solved now largely because
> when IPA started making heavy use of dogtag a few years ago those issues
> percolated to the top and were addressed. The dogtag and IPA teams work
> very closely together and are constantly refining both products, you
> shouldn't worry in this regard.
>
> HTH,
>
> John
>
>
>
> --
> John Dennis <jdennis at redhat.com>
>
> Looking to carve out IT costs?
> www.redhat.com/carveoutcosts/
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/pki-users/attachments/20121001/a9e1bb94/attachment.htm>

More information about the Pki-users mailing list