Quick Start - dogtagpki/pki GitHub Wiki

Overview

This document describes the process to install a simple PKI system which consist of a DS instance and a CA instance on a single machine.

Installing PKI Packages

To install PKI packages, execute the following command:

$ dnf install -y dogtag-pki

Creating DS Instance

To create a DS instance, see DS Installation.

Creating PKI Subsystems

To install CA subsystem, see Installing CA Interactively.

To install KRA subsystem, see Installing KRA Interactively.

See also Installation Guide.

Accessing PKI Services

To access PKI services via Web UI open https://pki.example.com:8443 with a browser. See Importing Admin Certificate into Firefox.

To access PKI services via command-line, use the PKI CLI. See Importing Admin Certificate into PKI CLI.

Using PKI Services

The most common PKI services are:

See also CA User Guide.

Managing PKI Services

See Administration Guide and CA Administration Guide.

Removing CA Subsystem

To remove the CA subsystem in interactive mode, run pkidestroy :

$ pkidestroy
Subsystem (CA/KRA/OCSP/TKS/TPS) [CA]:
Instance [pki-tomcat]:

Begin uninstallation (Yes/No/Quit)? Y

Loading deployment configuration from /var/lib/pki/pki-tomcat/ca/registry/ca/deployment.cfg.
Uninstalling CA from /var/lib/pki/pki-tomcat.

Uninstallation complete.

See also Installation Guide.

⚠️ **GitHub.com Fallback** ⚠️