The Dogtag Certificate System is a highly configurable set of software components and tools for creating, deploying, and managing certificates. The standards and services that facilitate the use of public-key cryptography and X.509 version 3 certificates in a networked environment are collectively called the public key infrastructure for that environment. In any PKI, a certificate authority is a trusted entity that issues, renews, and revokes certificates. An end entity is a person, server, or other entity that uses a certificate to identify itself.
The Certificate Authority (CA) subsystem is the component that provides Certificate Authority functionality for issuing, renewing, revoking, and publishing certificates and creating and publishing Certificate Revocation Lists (CRLs).
The CA subsystem is implemented in Java and it runs on Tomcat.