Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/dogtagpki/pki
The Dogtag Certificate System is an enterprise-class Certificate Authority (CA) which supports all aspects of certificate lifecycle management, including key archival, OCSP and smartcard management.
https://github.com/dogtagpki/pki
acme ca certificate certificate-authority certificate-lifecycle-management certificate-transparency dogtag-pki hsm nss ocsp pki ssl
Last synced: about 1 month ago
JSON representation
The Dogtag Certificate System is an enterprise-class Certificate Authority (CA) which supports all aspects of certificate lifecycle management, including key archival, OCSP and smartcard management.
- Host: GitHub
- URL: https://github.com/dogtagpki/pki
- Owner: dogtagpki
- License: gpl-2.0
- Created: 2017-02-16T19:36:36.000Z (over 7 years ago)
- Default Branch: master
- Last Pushed: 2024-05-29T01:04:45.000Z (about 1 month ago)
- Last Synced: 2024-05-29T07:26:22.854Z (about 1 month ago)
- Topics: acme, ca, certificate, certificate-authority, certificate-lifecycle-management, certificate-transparency, dogtag-pki, hsm, nss, ocsp, pki, ssl
- Language: Java
- Homepage: https://www.dogtagpki.org
- Size: 60.9 MB
- Stars: 333
- Watchers: 12
- Forks: 130
- Open Issues: 961
-
Metadata Files:
- Readme: README.md
- Contributing: CONTRIBUTING.md
- License: LICENSE
Lists
- my-awesome-stars - pki - class Certificate Authority (CA) which supports all aspects of certificate lifecycle management, including key archival, OCSP and smartcard management. | dogtagpki | 271 | (Java)
- awesome-stars - dogtagpki/pki - class Certificate Authority (CA) which supports all aspects of certificate lifecycle management, including key archival, OCSP and smartcard management. (Java)
- awesome-stars - dogtagpki/pki - The Dogtag Certificate System is an enterprise-class Certificate Authority (CA) which supports all aspects of certificate lifecycle management, including key archival, OCSP and smartcard management. (others)
- awesome-stars - dogtagpki/pki - The Dogtag Certificate System is an enterprise-class Certificate Authority (CA) which supports all aspects of certificate lifecycle management, including key archival, OCSP and smartcard management. (Java)
README
# Dogtag PKI
The Dogtag Certificate System is an enterprise-class open source Certificate Authority (CA). It is a full-featured system, and has been hardened by real-world deployments. It supports all aspects of certificate lifecycle management, including key archival, OCSP and smartcard management, and much more.
The Dogtag PKI suite provides the following subsystems:
- [Certificate Authority (CA)](https://github.com/dogtagpki/pki/wiki/Certificate-Authority)
- [Key Recovery Authority (KRA)](https://github.com/dogtagpki/pki/wiki/Key-Recovery-Authority)
- [Online Certificate Status Protocol (OCSP) Responder](https://github.com/dogtagpki/pki/wiki/OCSP-Responder)
- [Token Key Service (TKS)](https://github.com/dogtagpki/pki/wiki/Token-Key-Service)
- [Token Processing System (TPS)](https://github.com/dogtagpki/pki/wiki/Token-Processing-System)
- [Automatic Certificate Management Environment (ACME) Responder](https://github.com/dogtagpki/pki/wiki/ACME-Responder)## Documentation
The best place to start learning about the product is the [Dogtag PKI Wiki](https://github.com/dogtagpki/pki/wiki).
## Installing
### Fedora
To install the whole Dogtag PKI suite:
````bash
$ sudo dnf install dogtag-pki
````To install specific subsystems only:
````bash
$ sudo dnf install dogtag-pki-ca dogtag-pki-kra
````To install the theme package:
````bash
$ sudo dnf install dogtag-pki-theme
````## Deploying
After successful installation of the packages, follow the below steps to deploy intended subsystems:
- [Deploy CA](docs/installation/ca/Installing_CA.md)
- [Deploy KRA](docs/installation/kra/Installing_KRA.md)
- [Deploy OCSP](docs/installation/ocsp/Installing_OCSP.md)
- [Deploy TKS](docs/installation/tks/Installing_TKS.md)
- [Deploy TPS](docs/installation/tps/Installing_TPS.md)
- [Deploy ACME](docs/installation/acme/Installing_PKI_ACME_Responder.md)For other types of deployments (Sub-CA, Clones, HSMs, etc) please see the [Installation Guide](https://github.com/dogtagpki/pki/wiki/Installation-Guide).
## Building
### Fedora/CentOS/RHEL
#### Prerequisites
````bash
$ sudo dnf install dnf-plugins-core rpm-build git# NOTE: Use the intendended branch name instead of "master" to pull right dependency version
$ sudo dnf copr -y enable @pki/master$ sudo dnf builddep -y --spec pki.spec
````#### Build Procedure
After successfully installing the prerequisites, the project can be built with a one-line command:
````bash
$ ./build.sh rpm
````The built RPMS will be placed in `~/build/pki/` directory.
See also [Building PKI](docs/development/Building_PKI.md).
## Testing
| Test | Status |
| -------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| SonarCloud | [![Quality Gate Status](https://sonarcloud.io/api/project_badges/measure?project=dogtagpki_pki&metric=alert_status)](https://sonarcloud.io/summary/new_code?id=dogtagpki_pki) |
| CA Tests | [![CA Tests](https://github.com/dogtagpki/pki/actions/workflows/ca-tests.yml/badge.svg)](https://github.com/dogtagpki/pki/actions/workflows/ca-tests.yml) |
| CA Tests 2 | [![CA Tests 2](https://github.com/dogtagpki/pki/actions/workflows/ca-tests2.yml/badge.svg)](https://github.com/dogtagpki/pki/actions/workflows/ca-tests2.yml) |
| CA Clone Tests | [![CA Clone Tests](https://github.com/dogtagpki/pki/actions/workflows/ca-clone-tests.yml/badge.svg)](https://github.com/dogtagpki/pki/actions/workflows/ca-clone-tests.yml) |
| SubCA Tests | [![SubCA Tests](https://github.com/dogtagpki/pki/actions/workflows/subca-tests.yml/badge.svg)](https://github.com/dogtagpki/pki/actions/workflows/subca-tests.yml) |
| KRA Tests | [![KRA Tests](https://github.com/dogtagpki/pki/actions/workflows/kra-tests.yml/badge.svg)](https://github.com/dogtagpki/pki/actions/workflows/kra-tests.yml) |
| OCSP Tests | [![OCSP Tests](https://github.com/dogtagpki/pki/actions/workflows/ocsp-tests.yml/badge.svg)](https://github.com/dogtagpki/pki/actions/workflows/ocsp-tests.yml) |
| TKS Tests | [![TKS Tests](https://github.com/dogtagpki/pki/actions/workflows/tks-tests.yml/badge.svg)](https://github.com/dogtagpki/pki/actions/workflows/tks-tests.yml) |
| TPS Tests | [![TPS Tests](https://github.com/dogtagpki/pki/actions/workflows/tps-tests.yml/badge.svg)](https://github.com/dogtagpki/pki/actions/workflows/tps-tests.yml) |
| ACME Tests | [![ACME Tests](https://github.com/dogtagpki/pki/actions/workflows/acme-tests.yml/badge.svg)](https://github.com/dogtagpki/pki/actions/workflows/acme-tests.yml) |
| EST Tests | [![EST Tests](https://github.com/dogtagpki/pki/actions/workflows/est-tests.yml/badge.svg)](https://github.com/dogtagpki/pki/actions/workflows/est-tests.yml) |
| Server Tests | [![Server Tests](https://github.com/dogtagpki/pki/actions/workflows/server-tests.yml/badge.svg)](https://github.com/dogtagpki/pki/actions/workflows/server-tests.yml) |
| Python Tests | [![Python Tests](https://github.com/dogtagpki/pki/actions/workflows/python-tests.yml/badge.svg)](https://github.com/dogtagpki/pki/actions/workflows/python-tests.yml) |
| Tools Tests | [![Tools Tests](https://github.com/dogtagpki/pki/actions/workflows/tools-tests.yml/badge.svg)](https://github.com/dogtagpki/pki/actions/workflows/tools-tests.yml) |
| IPA Tests | [![IPA Tests](https://github.com/dogtagpki/pki/actions/workflows/ipa-tests.yml/badge.svg)](https://github.com/dogtagpki/pki/actions/workflows/ipa-tests.yml) |## Contributing
There are multiple ways for you to be part of this project. Please see [CONTRIBUTING]( CONTRIBUTING.md) to learn more.
## Contact Us
See [Contact Us](https://github.com/dogtagpki/pki/wiki/Contact-Us).
## License
[GPL-2.0 License](LICENSE)