DS

From Dogtag
Jump to: navigation, search

Overview

PKI server uses an LDAP server as a backend to store the data and some of the server configuration. Currently the only supported LDAP server is 389/Red Hat DS. Each PKI subsystem requires an DS instance. The DS instance can be shared among multiple subsystems and the subsystems will use separate backend databases. The DS instance can be local or remote.

Prerequisites

$ dnf install 389-ds 389-admin

Deployment Scenarios

See DS Deployment Scenarios.

Instance

See DS Instance Setup.

To restart DS instance:

$ systemctl restart dirsrv@pki-tomcat.service

DS Backend

Connection

Authentication

See DS Authentication.

Authorization

See DS Authorization.

Logging

See DS Logging.

References