Skip to content

Quick Start

Jump to bottom
Endi S. Dewata edited this page Jan 20, 2022 · 20 revisions

Overview

This document describes the process to install a simple PKI system which consist of a DS instance and a CA instance on a single machine.

Installing PKI Packages

To install PKI packages, execute the following command:

$ dnf install -y dogtag-pki

Creating DS Instance

To create a DS instance, see DS Installation.

Creating PKI Subsystems

To install CA subsystem, see Installing CA Interactively.

To install KRA subsystem, see Installing KRA Interactively.

See also Installation Guide.

Accessing PKI Services

To access PKI services via Web UI open https://pki.example.com:8443 with a browser. See Importing Admin Certificate into Firefox.

To access PKI services via command-line, use the PKI CLI. See Importing Admin Certificate into PKI CLI.

Using PKI Services

The most common PKI services are:

See also CA User Guide.

Managing PKI Services

Removing CA Subsystem

To remove the CA subsystem in interactive mode, run pkidestroy :

$ pkidestroy
Subsystem (CA/KRA/OCSP/TKS/TPS) [CA]:
Instance [pki-tomcat]:

Begin uninstallation (Yes/No/Quit)? Y

Loading deployment configuration from /var/lib/pki/pki-tomcat/ca/registry/ca/deployment.cfg.
Uninstalling CA from /var/lib/pki/pki-tomcat.

Uninstallation complete.

See also Installation Guide.

Tip
 To find a page in the Wiki, enter the keywords in search field, press Enter, then click Wikis.
Clone this wiki locally